PT-2024-4194

Name of the Vulnerable Software and Affected Versions Android versions 12 and 13 Description The issue is related to improper input validation in the createSessionInternal function of PackageInstallerService.java, which could lead to local escalation of privilege with no additional execution...

PT-2024-18749 · Google +1 · Android 12 +3

Name of the Vulnerable Software and Affected Versions: Samsung Voice Recorder versions prior to 21.5.16.01 in Android 12 and Android 13 Samsung Voice Recorder versions prior to 21.4.51.02 in Android 14 Description: The issue is related to improper access control in the Samsung Voice Recorder,...

CVE-2023-42577

Improper Access Control in Samsung Voice Recorder prior to versions 21.4.15.01 in Android 12 and Android 13, 21.4.50.17 in Android 14 allows physical attackers to access Voice Recorder information on the lock screen...

PT-2023-12656 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: The issue arises from uncaught errors in parsing stored configurations within the validateForCommonR1andR2 function of PasspointConfiguration.java. This can lead to a local persisten...

PT-2023-17749 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12L through Android-13 Description: The issue is related to improper input validation in the launchDeepLinkIntentToRight function of SettingsHomepageActivity.java. This could allow the launch of arbitrary activities,...

CVE-2023-21462

The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission...

PT-2023-17737 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: In the dropFramesUntilIframe function of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure wit...

PT-2022-14709 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: In the setDataSource function of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure...

CVE-2022-20418

In pickStartSeq of AAVCAssembler.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12...

PT-2022-14643 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: The issue is related to an incorrect bounds check in the audioTransportsToHal function of HidlUtils.cpp, which could lead to a possible out of bounds write. This might result in loca...