Android Security Vulnerabilities
In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted cryptographic certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
6.3AI Score
0.0004EPSS
In setMediaButtonReceiver of MediaSessionRecord.java, there is a possible way to send a pending intent on behalf of system_server due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7AI Score
0.0004EPSS
In discovery_thread of Dns64Configuration.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.2AI Score
0.0004EPSS
5CVSS
5.8AI Score
0.001EPSS
there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by performing certain...
7.5CVSS
7.4AI Score
0.001EPSS
Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer...
7.8CVSS
7.6AI Score
0.0004EPSS
Out-of-bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer...
7.8CVSS
7.6AI Score
0.0004EPSS
Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds...
7.1CVSS
6.6AI Score
0.0004EPSS
Out-of-bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer...
7.8CVSS
7.6AI Score
0.0004EPSS
Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary...
8.4CVSS
7.7AI Score
0.0004EPSS
Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary...
8.4CVSS
7.7AI Score
0.0004EPSS
Improper authentication vulnerability in onCharacteristicWriteRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user...
8CVSS
6.5AI Score
0.0004EPSS
Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized...
5.5CVSS
5.3AI Score
0.0004EPSS
Improper authentication vulnerability in onCharacteristicReadRequest in Auto Hotspot prior to SMR Feb-2024 Release 1 allows adjacent attackers connect to victim's mobile hotspot without user...
8CVSS
6.5AI Score
0.0004EPSS
Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure...
5.1CVSS
4AI Score
0.0004EPSS
Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive...
3.3CVSS
3.9AI Score
0.0004EPSS
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358560; Issue ID:...
6.7CVSS
6.6AI Score
0.0004EPSS
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID:...
6.7CVSS
6.7AI Score
0.0004EPSS
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID:...
6.7CVSS
6.7AI Score
0.0004EPSS
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID:...
6.7CVSS
6.7AI Score
0.0004EPSS
In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID:...
7.5CVSS
7.8AI Score
0.001EPSS
In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID:...
8.8CVSS
8.6AI Score
0.001EPSS
In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID:...
9.8CVSS
8.5AI Score
0.001EPSS
In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID:...
6.7CVSS
6.6AI Score
0.0004EPSS
In telephony, there is a possible escalation of privilege due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441419; Issue ID:...
7.8CVSS
7.7AI Score
0.0004EPSS
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation Patch ID: ALPS07835901; Issue ID:...
4.4CVSS
4.7AI Score
0.0004EPSS
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID:...
6.7CVSS
6.7AI Score
0.0004EPSS
Improper authorization in handler for custom URL scheme issue in "Mercari" App for Android prior to version 5.78.0 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing...
6.1CVSS
6.2AI Score
0.001EPSS
4.3CVSS
4.3AI Score
0.001EPSS
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated...
5.5CVSS
5.2AI Score
0.0004EPSS
In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
4.8AI Score
0.0004EPSS
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
4.8AI Score
0.0004EPSS
In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
5.2AI Score
0.0004EPSS
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
4.8AI Score
0.0004EPSS
In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
4.8AI Score
0.0004EPSS
In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges...
4.4CVSS
4.8AI Score
0.0004EPSS
In video decoder, there is a possible improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.4AI Score
0.0004EPSS
In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges...
4.4CVSS
4.8AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.5AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.4AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.5AI Score
0.0004EPSS
In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.5AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.5AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.4AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.5AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.4AI Score
0.0004EPSS
In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
4.7AI Score
0.0004EPSS
In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges...
4.4CVSS
4.4AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
5.5AI Score
0.0004EPSS