HKCERT Infosec Express — Alert and Blog Channel Major Information Security News
- Microsoft Edge Multiple Vulnerabilities on August 18, 2025 at 1:00 am
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, denial of service condition and remote code execution on the targeted system.
Impact: Remote Code Execution, Denial of Service, Data Manipulation
System / Technologies affected: Microsoft Edge version prior to 139.0.3405.102
Solutions: Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor: Update to version 139.0.3405.102 or later
- Fortinet FortiWeb Security Restriction Bypass Vulnerability on August 18, 2025 at 1:00 am
A vulnerability has been identified in Fortinet FortiWeb. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Note: Proof of Concept exploit code is publicly available for CVE-2025-52970. The vulnerability may allow an unauthenticated…
Impact: Security Restriction Bypass
System / Technologies affected: FortiWeb 7.6 version 7.6.0 through 7.6.3; FortiWeb 7.4 version 7.4.0 through 7.4.7; FortiWeb 7.2 version 7.2.0 through 7.2.10; FortiWeb 7.0 version 7.0.0 through 7.0.10
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://fortiguard.fortinet.com/psirt/FG-IR-25-448
- Cisco Products Multiple Vulnerabilities on August 18, 2025 at 1:00 am
Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and security restriction bypass on the targeted system.
Impact: Denial of Service, Security Restriction Bypass, Elevation of Privilege
System / Technologies affected: Cisco IOS Software; Cisco IOS XE Software; Cisco Secure Firewall Adaptive Security Appliance (ASA) Software; Cisco Secure Firewall Threat Defense (FTD) Software
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3100_4200_tlsdos-2yNSCd54
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-buffer-overflow-PyRUhWBC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-acl-bypass-mtPze9Yh
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-cmdinj-VEhFeZQ3
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dhcp-qj7nGs4N
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-http-file-hUyX2jL4
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nat-dns-dos-bqhynHTM
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssltls-dos-eHw76vZe
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-dos-mfPekA6e
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpnwebs-dos-hjBhmBsX
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2k-IPsec-dos-tjwgdZCO
- Palo Alto PAN-OS Information Disclosure Vulnerability on August 15, 2025 at 1:00 am
A vulnerability was identified in Palo Alto PAN-OS. A remote attacker can exploit this vulnerability to trigger sensitive information disclosure on the targeted system.
Impact: Information Disclosure
System / Technologies affected: On PA-7500 Series: PAN-OS 11.1 versions earlier than PAN-OS 11.1.10; PAN-OS 11.2 versions earlier than PAN-OS 11.2.8
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://security.paloaltonetworks.com/CVE-2025-2182
- GitLab Multiple Vulnerabilities on August 15, 2025 at 1:00 am
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, data manipulation, sensitive information disclosure, denial of service condition and security restriction bypass on the targeted system.
Impact: Denial of Service, Security Restriction Bypass, Data Manipulation, Cross-Site Scripting, Information Disclosure
System / Technologies affected: GitLab Community Edition (CE) versions prior to 18.2.2, 18.1.4 and 18.0.6; GitLab Enterprise Edition (EE) versions prior to 18.2.2, 18.1.4 and 18.0.6
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://about.gitlab.com/releases/2025/08/13/patch-release-gitlab-18-2-2-released/
- RedHat Linux Kernel Multiple Vulnerabilities on August 14, 2025 at 3:00 am
Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger spoofing, remote code execution, sensitive information disclosure, denial of service condition, data manipulation, elevation of privilege and security restriction bypass on the targeted system…
Impact: Denial of Service, Elevation of Privilege, Security Restriction Bypass, Information Disclosure, Remote Code Execution, Data Manipulation, Spoofing
System / Technologies affected: Red Hat CodeReady Linux Builder for ARM 64 – Extended Update Support 10.0 aarch64 Red Hat CodeReady Linux Builder for ARM 64 – Extended Update Support 9.4 aarch64 Red Hat CodeReady Linux Builder for ARM 64 – Extended Update Support 9.6 aarch64 Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems – Extended Update Support 10.0 s390x Red Hat CodeReady Linux Builder for IBM z Systems – Extended Update Support 9.4 s390x Red Hat CodeReady Linux Builder for IBM z Systems – Extended Update Support 9.6 s390x Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Red Hat CodeReady Linux Builder for Power, little endian – Extended Update Support 10.0 ppc64le Red Hat CodeReady Linux Builder for Power, little endian – Extended Update Support 9.4 ppc64le Red Hat CodeReady Linux Builder for Power, little endian – Extended Update Support 9.6 ppc64le Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for x86_64 – Extended Update Support 10.0 x86_64 Red Hat CodeReady Linux Builder for x86_64 – Extended Update Support 9.4 x86_64 Red Hat CodeReady Linux Builder for x86_64 – Extended Update Support 9.6 x86_64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for x86_64 9 
x86_64 Red Hat Enterprise Linux for ARM 64 – 4 years of updates 10.0 aarch64 Red Hat Enterprise Linux for ARM 64 – 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for ARM 64 – 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for ARM 64 – 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for ARM 64 – Extended Update Support 10.0 aarch64 Red Hat Enterprise Linux for ARM 64 – Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux for ARM 64 – Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for IBM z Systems – 4 years of updates 10.0 s390x Red Hat Enterprise Linux for IBM z Systems – 4 years of updates 9.0 s390x Red Hat Enterprise Linux for IBM z Systems – 4 years of updates 9.4 s390x Red Hat Enterprise Linux for IBM z Systems – 4 years of updates 9.6 s390x Red Hat Enterprise Linux for IBM z Systems – Extended Update Support 10.0 s390x Red Hat Enterprise Linux for IBM z Systems – Extended Update Support 9.4 s390x Red Hat Enterprise Linux for IBM z Systems – Extended Update Support 9.6 s390x Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for Power, little endian – 4 years of support 10.0 ppc64le Red Hat Enterprise Linux for Power, little endian – Extended Update Support 10.0 ppc64le Red Hat Enterprise Linux for Power, little endian – Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux for Power, little endian – Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Real Time 8 x86_64 Red Hat Enterprise Linux for Real Time for NFV 8 x86_64 Red Hat Enterprise Linux for x86_64 – 4 years of updates 10.0 x86_64 Red Hat Enterprise Linux for x86_64 – Extended Update Support 10.0 x86_64 Red Hat Enterprise Linux for x86_64 – 
Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux for x86_64 – Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux for x86_64 – Extended Update Support Extension 8.4 x86_64 Red Hat Enterprise Linux for x86_64 – Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux for x86_64 – Update Services for SAP Solutions 8.8 x86_64 Red Hat Enterprise Linux for x86_64 – Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for x86_64 – Update Services for SAP Solutions 9.4 x86_64 Red Hat Enterprise Linux for x86_64 – Update Services for SAP Solutions 9.6 x86_64 Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux Server – AUS 8.2 x86_64 Red Hat Enterprise Linux Server – AUS 8.4 x86_64 Red Hat Enterprise Linux Server – AUS 9.4 x86_64 Red Hat Enterprise Linux Server – AUS 9.6 x86_64 Red Hat Enterprise Linux Server – TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE – Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux Server for Power LE – Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux Server for Power LE – Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux Server for Power LE – Update Services for SAP Solutions 9.6 ppc64le Red Hat OpenShift Container Platform 4.14 for RHEL 8 x86_64 Red Hat OpenShift Container Platform 4.14 for RHEL 9 x86_64 Red Hat OpenShift Container Platform 4.18 for RHEL 8 x86_64 Red Hat OpenShift Container Platform 4.18 for RHEL 9 x86_64 Red Hat OpenShift Container Platform for ARM 64 4.14 for RHEL 8 aarch64 Red Hat OpenShift Container Platform for ARM 64 4.14 for RHEL 9 aarch64 Red Hat OpenShift Container Platform for ARM 64 4.18 for RHEL 8 aarch64 Red Hat OpenShift Container Platform for ARM 64 4.18 for RHEL 9 aarch64 Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.14 for RHEL 8 s390x Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.14 for RHEL 9 
s390x Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.18 for RHEL 8 s390x Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.18 for RHEL 9 s390x Red Hat OpenShift Container Platform for Power 4.14 for RHEL 8 ppc64le Red Hat OpenShift Container Platform for Power 4.14 for RHEL 9 ppc64le Red Hat OpenShift Container Platform for Power 4.18 for RHEL 8 ppc64le Red Hat OpenShift Container Platform for Power 4.18 for RHEL 9 ppc64le
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
https://access.redhat.com/errata/RHSA-2025:11669
https://access.redhat.com/errata/RHSA-2025:11677
https://access.redhat.com/errata/RHSA-2025:11678
https://access.redhat.com/errata/RHSA-2025:12525
https://access.redhat.com/errata/RHSA-2025:12623
https://access.redhat.com/errata/RHSA-2025:12662
https://access.redhat.com/errata/RHSA-2025:12746
https://access.redhat.com/errata/RHSA-2025:12753
https://access.redhat.com/errata/RHSA-2025:12976
https://access.redhat.com/errata/RHSA-2025:12977
https://access.redhat.com/errata/RHSA-2025:13029
https://access.redhat.com/errata/RHSA-2025:13030
https://access.redhat.com/errata/RHSA-2025:13061
https://access.redhat.com/errata/RHSA-2025:13120
https://access.redhat.com/errata/RHSA-2025:13135
https://access.redhat.com/errata/RHSA-2025:13805
- F5 BIG-IP Multiple Vulnerabilities on August 14, 2025 at 3:00 am
Multiple vulnerabilities were identified in F5 BIG-IP. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition and elevation of privilege on the targeted system.
Impact: Denial of Service, Elevation of Privilege
System / Technologies affected: BIG-IP (all modules) version 15.1.0 – 15.1.10, version 16.1.0 – 16.1.6, version 17.1.0 – 17.1.2, version 17.5.0 – 17.5.1; BIG-IP Next (all modules) version 20.3.0; BIG-IP Next SPK version 2.0.0 – 2.0.2, version 1.7.0 – 1.9.2; BIG-IP Next CNF version 2.0.0 – 2.0.2, version 1.1.0 – 1.4.1; BIG-IP Next for Kubernetes version 2.0.0; APM Clients version 7.2.5
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
https://my.f5.com/manage/s/article/K000141436
https://my.f5.com/manage/s/article/K000151546
https://my.f5.com/manage/s/article/K000151782
https://my.f5.com/manage/s/article/K000152001
- Debian Linux Kernel Multiple Vulnerabilities on August 14, 2025 at 3:00 am
Multiple vulnerabilities were identified in Debian Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege and sensitive information disclosure on the targeted system.
Impact: Denial of Service, Elevation of Privilege, Information Disclosure
System / Technologies affected: Debian stable versions prior to 6.12.41-1; Debian bookworm versions prior to 6.1.147-1
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
https://lists.debian.org/debian-security-announce/2025/msg00137.html
https://lists.debian.org/debian-security-announce/2025/msg00139.html
- Apache Tomcat Denial of Service Vulnerability on August 14, 2025 at 3:00 am
A vulnerability has been identified in Apache Tomcat. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted system.
Impact: Denial of Service
System / Technologies affected: Apache Tomcat version 11.0.0-M1 to 11.0.09; Apache Tomcat version 10.1.0-M1 to 10.1.43; Apache Tomcat version 9.0.0-M1 to 9.0.107
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.108
https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.44
https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.10
- Ivanti Products Multiple Vulnerabilities on August 13, 2025 at 3:00 am
Multiple vulnerabilities have been identified in Ivanti Products. A remote attacker could exploit these vulnerabilities to trigger denial of service condition and sensitive information disclosure on the targeted system.
Impact: Denial of Service, Information Disclosure
System / Technologies affected: Ivanti Connect Secure (ICS) version 22.7R2.7 and prior; Ivanti Policy Secure (IPS) version 22.7R1.4 and prior; Ivanti ZTA Gateway version 22.8R2.2; Ivanti Neurons for Secure Access version 22.8R1.3 and prior
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://forums.ivanti.com/s/article/August-Security-Advisory-Ivanti-Connect-Secure-Policy-Secure-ZTA-Gateways-Multiple-CVEs?language=en_US
- Microsoft Monthly Security Update (August 2025) on August 13, 2025 at 1:00 am
Microsoft has released monthly security update for their products (columns: Vulnerable Product, Risk Level, Impacts, Notes). Windows: Medium Risk; Denial of Service, Elevation of Privilege, Remote Code Execution, Spoofing, Information Disclosure. Microsoft Dynamics: Medium Risk; Spoofing …
Impact: Remote Code Execution, Elevation of Privilege, Information Disclosure, Denial of Service, Spoofing, Data Manipulation
System / Technologies affected: Windows; Microsoft Dynamics; SQL Server; Server Software; Microsoft Office; Developer Tools; Azure; Browser; Extended Security Updates (ESU); Device; Open Source Software; Apps
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor.
- Google Chrome Multiple Vulnerabilities on August 13, 2025 at 1:00 am
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, denial of service condition and remote code execution on the targeted system.
Impact: Remote Code Execution, Denial of Service, Data Manipulation
System / Technologies affected: Google Chrome prior to 139.0.7258.127 (Linux); Google Chrome prior to 139.0.7258.127/.128 (Mac); Google Chrome prior to 139.0.7258.127/.128 (Windows)
Solutions: Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor: Update to version 139.0.7258.127 (Linux) or later; Update to version 139.0.7258.127/.128 (Mac) or later; Update to version 139.0.7258.127/.128 (Windows) or later
- Zoom Products Multiple Vulnerabilities on August 13, 2025 at 1:00 am
Multiple vulnerabilities were identified in Zoom Products. A remote attacker could exploit these vulnerabilities to trigger elevation of privilege and denial of service condition on the targeted system.
Impact: Denial of Service, Elevation of Privilege
System / Technologies affected: Zoom Workplace for Windows before version 6.3.10; Zoom Workplace for Windows before version 6.4.10; Zoom Workplace VDI for Windows before version 6.3.10 (except 6.1.16 and 6.2.12); Zoom Workplace VDI for Windows before version 6.3.12 (except 6.2.15); Zoom Rooms for Windows before version 6.3.10; Zoom Rooms for Windows before version 6.4.5; Zoom Rooms Controller for Windows before version 6.3.10; Zoom Rooms Controller for Windows before version 6.4.5; Zoom Meeting SDK for Windows before version 6.3.10; Zoom Meeting SDK for Windows before version 6.4.10
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
https://www.zoom.com/en/trust/security-bulletin/zsb-25029/
https://www.zoom.com/en/trust/security-bulletin/zsb-25030/
- Adobe Monthly Security Update (August 2025) on August 13, 2025 at 1:00 am
Adobe has released monthly security update for their products (columns: Vulnerable Product, Risk Level, Impacts, Notes, Details (including CVE)). Adobe Commerce: Medium Risk; Denial of Service, Elevation of Privilege, Information Disclosure, Cross-site Scripting, Security Restriction Bypass…
Impact: Remote Code Execution, Elevation of Privilege, Cross-Site Scripting, Security Restriction Bypass, Information Disclosure, Denial of Service
System / Technologies affected: Adobe Commerce 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier versions; Adobe Commerce B2B 1.5.3-alpha1, 1.5.2-p1, 1.4.2-p6, 1.3.5-p11, 1.3.4-p13, 1.3.3-p14 and earlier versions; Magento Open Source 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13 and earlier versions; Adobe Substance 3D Viewer 0.25 and earlier versions; Adobe Animate 2023 23.0.12 and earlier versions; Adobe Animate 2024 24.0.9 and earlier versions; Illustrator 2025 29.6.1 and earlier versions; Illustrator 2024 28.7.8 and earlier versions; Photoshop 2025 26.8 and earlier versions; Photoshop 2024 25.12.3 and earlier versions; Adobe Substance 3D Modeler 1.22.0 and earlier versions; Adobe Substance 3D Painter 11.0.2 and earlier versions; Adobe Substance 3D Sampler 5.0.3 and earlier versions; Adobe InDesign ID20.4 and earlier versions; Adobe InDesign ID19.5.4 and earlier versions; Adobe InCopy 20.4 and earlier versions; Adobe InCopy 19.5.4 and earlier versions; Adobe Substance 3D Stager 3.1.3 and earlier versions; Adobe FrameMaker 2020 Release Update 8 and earlier versions; Adobe FrameMaker 2022 Release Update 6 and earlier versions; Adobe Dimension 4.1.3 and earlier versions
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor. Please refer to ‘Details’ column in the above table for details of individual product update or run software update.
- Zimbra Multiple Vulnerabilities on August 12, 2025 at 1:00 am
Multiple vulnerabilities were identified in Zimbra. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, denial of service condition and sensitive information disclosure on the targeted system.
Impact: Security Restriction Bypass, Denial of Service, Information Disclosure
System / Technologies affected: Zimbra Daffodil prior to 10.0.16; Zimbra Daffodil prior to 10.1.10
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor:
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.16
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.10
- Microsoft Edge Multiple Vulnerabilities on August 8, 2025 at 1:00 am
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, denial of service condition, spoofing and remote code execution on the targeted system.
Impact: Remote Code Execution, Denial of Service, Information Disclosure, Spoofing
System / Technologies affected: Microsoft Edge version prior to 139.0.3405.86
Solutions: Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor: Update to version 139.0.3405.86 or later
- Trend Micro Products Multiple Vulnerabilities on August 7, 2025 at 1:00 am
Multiple vulnerabilities were identified in Trend Micro Products. An attacker could exploit some of these vulnerabilities to trigger remote code execution on the targeted system. Note: CVE-2025-54948 and CVE-2025-54987 are being exploited in scattered attacks. This vulnerability allows a pre…
Impact: Remote Code Execution
System / Technologies affected: Trend Micro Apex One – 2019 (On-prem); Trend Micro Apex One – Management Server Version 14039 and below; Trend Micro Apex One as a Service (SaaS); Trend Vision One™ Endpoint Security – Standard Endpoint Protection
Solutions: Before installation of the software, please visit the software manufacturer web-site for more details. Apply fixes issued by the vendor: https://success.trendmicro.com/en-US/solution/KA-0020652
- Samsung Products Multiple Vulnerabilities on August 6, 2025 at 1:00 am
Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, sensitive information disclosure and data manipulation on the targeted system.
Impact: Security Restriction Bypass, Information Disclosure, Data Manipulation
System / Technologies affected: Samsung mobile devices running Android 13, 14, 15, 16; Samsung Android Watch 16. For affected products, please refer to the link below: https://security.samsungmobile.com/securityUpdate.smsb
Solutions: Before installation of the software, please visit the vendor website for more details. Apply fixes issued by the vendor: https://security.samsungmobile.com/securityUpdate.smsb
- Google Chrome Multiple Vulnerabilities on August 6, 2025 at 1:00 am
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, denial of service condition, spoofing and remote code execution on the targeted system.
Impact: Remote Code Execution, Denial of Service, Information Disclosure, Spoofing
System / Technologies affected: Google Chrome prior to 139.0.7258.66 (Linux); Google Chrome prior to 139.0.7258.66/67 (Mac); Google Chrome prior to 139.0.7258.66/67 (Windows)
Solutions: Before installation of the software, please visit the software vendor web-site for more details. Apply fixes issued by the vendor: Update to version 139.0.7258.66 (Linux) or later; Update to version 139.0.7258.66/67 (Mac) or later; Update to version 139.0.7258.66/67 (Windows) or later
- Android Multiple Vulnerabilities on August 6, 2025 at 1:00 am
Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege and remote code execution on the targeted system.
Impact: Remote Code Execution, Elevation of Privilege
System / Technologies affected: Android security patch level prior to 2025-08-01
Solutions: Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://source.android.com/docs/security/bulletin/2025-08-01