CVE-2022-20433

There is an missing authorization issue in the system service. Since the component does not have permission check , resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242221901...

CVE-2020-0420

In setUpdatableDriverPath of GpuService.cpp, there is a possible memory corruption due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2020-0325

In NFC, there is a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-145079309...

PT-2025-24453

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The vulnerability resides within the System component of the Android operating system, stemming from improper code generation management. Remote attackers can potentially execute arbitrary...

PT-2025-24447

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: A logic error in the code may allow a lock screen bypass, potentially leading to local privilege escalation without requiring additional execution privileges or user interaction. The...

Huawei EMUI and HarmonyOS Bypass Privilege Inspection Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. Huawei EMUI and HarmonyOS have a bypass privilege checking vulnerability that can be exploited by an attacker to...

Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification

Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam...

Google Pixel 缓冲区错误漏洞

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An information disclosure vulnerability exists in the System component of Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 for Google Pixel/Nexus devices, which can be...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system developed by Google Inc. in the United States. Google Android suffers from a security vulnerability that originates from a heap buffer overflow in the constructtransactionfromcmd function of the lwisioctl.c file, which may have...

Google Pixel 安全漏洞

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An information disclosure vulnerability exists in the System component of Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 for Google Pixel/Nexus devices, which can be...

Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam. The feature was first reported by Android Authority last week following a teardown of the latest version of Google Play Services...

Google Android elevation of privilege vulnerability (CNVD-2025-02972)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is due to a logic error in the code that can be exploited by an attacker to escalate privileges...

CVE-2024-9395

A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox 131...

Sensitive Information Disclosure

react-native-mmkv is vulnerable to Sensitive Information Disclosure. The vulnerability is due to logging the encryption key for the MMKV database into the Android system log. This issue can be exploited by an attacker via accessing to the Android Debugging Bridge resulting in sensitive informatio...

PT-2023-7533 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions prior to the December 2023 security update Description: The issue is related to a use after free vulnerability in the callback thread event function of com android bluetooth btservice AdapterService.cpp. This could lead to...

Design/Logic Flaw

The vulnerability is an intent redirection in LG ThinQ Service "com.lge.lms2" in the "com/lge/lms/things/ui/notification/NotificationManager.java" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action...

Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities

Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three vulnerabilities have been identified as actively exploited in targeted attacks. One of the vulnerabilities tracked as CVE-2023-26083 is a memory leak...

PT-2023-12028 · Imagination Technologies +1 · Powervr +1

Name of the Vulnerable Software and Affected Versions: Android SoC versions affected versions not specified Description: A missing size check in the PVRSRVBridgeRGXKickSync of the PowerVR kernel driver may cause an integer overflow, leading to out-of-bounds heap access. This could result in local...

PT-2023-1858 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is caused by an incorrect bounds check in the SDP AddAttribute function of sdp db.cc, leading to a possible out of bounds write. This could result in remote code execution...

ASB-A-234441463

In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...