Lucene search
K

4347 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:14 a.m.8 views

CVE-2019-2017

In rwt2thandletlvdetectrsp of rwt2tndef.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...

7.8CVSS7.2AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:14 a.m.8 views

CVE-2019-2071

In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117216549...

8.8CVSS7.8AI score0.00714EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.5 views

CVE-2019-2174

In SensorManager::assertStateLocked of SensorManager.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.3AI score0.00139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.21 views

CVE-2019-2129

In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

6.5CVSS6.6AI score0.00746EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.6 views

CVE-2019-2165

In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112712154...

6.5CVSS6.3AI score0.00583EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.8 views

CVE-2019-2004

In publishKeyEvent, publishMotionEvent and sendUnchainedFinishedSignal of InputTransport.cpp, there are uninitialized data leading to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.0...

5.5CVSS6.4AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.11 views

CVE-2019-2220

In checkOperation of AppOpsService.java, there is a possible bypass of user interaction requirements due to mishandling application suspend. This could lead to local information disclosure no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:13 a.m.11 views

CVE-2019-2176

In ihevcdparsebufferingperiodsei of ihevcdparseheaders.c in Android 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation...

9.3CVSS8AI score0.01038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:12 a.m.6 views

CVE-2019-2068

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117099943...

8.8CVSS7.8AI score0.00714EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:12 a.m.14 views

CVE-2019-2222

n ihevcdparseslicedata of ihevcdparseslice.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8...

7.8CVSS7.9AI score0.00579EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:12 a.m.7 views

CVE-2019-2132

It is possible to overlay the VPN dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0...

9.3CVSS7.2AI score0.00519EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:11 a.m.6 views

CVE-2019-11380

The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage...

7.5CVSS6.8AI score0.01633EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:57 a.m.10 views

CVE-2020-12624

The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which allows remote attackers to hijack sessions...

6.5CVSS7AI score0.01298EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.7 views

CVE-2020-10570

The Telegram application through 5.12 for Android, when Show Popup is enabled, might allow physically proximate attackers to bypass intended restrictions on message reading and message replying. This might be interpreted as a bypass of the passcode feature...

6.1CVSS7AI score0.00389EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.7 views

CVE-2020-24655

A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices effectively bypassing the PIN requirement...

5.1CVSS6.9AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.7 views

CVE-2021-33699

Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features. This allows an unauthorized attacker or malware to takeover legitimate apps and to steal user's sensitive information...

7.6CVSS6.8AI score0.01247EPSS
Exploits0References1
KoreLogic Security
KoreLogic Security
added 2026/01/08 12:0 a.m.18 views

yintibao Fun Print Mobile Unauthorized Access via Context Hijacking

Vulnerability Details Affected Vendor: yintibao Affected Product: Fun Print Mobile Affected Version: 6.05.15 Platform: ARM64 - Android CWE Classification: CWE-926: Improper Export of Android Application Components CVE ID: CVE-2025-15464 2. Vulnerability Description Exported Activity allows...

7.5CVSS6.8AI score0.00466EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:51 a.m.8 views

CVE-2013-6792

Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability...

9.8CVSS6.9AI score0.02991EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:16 a.m.9 views

CVE-2022-27837

A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R11.0 and 13.0.1.1 in Android S12.0 allows attacker to access the file with system privilege...

9.3CVSS6.8AI score0.00536EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.5 views

CVE-2025-14617

A vulnerability has been found in Jehovahs Witnesses JW Library App up to 15.5.1 on Android. Affected is an unknown function of the component org.jw.jwlibrary.mobile.activity.SiloContainer. Such manipulation leads to path traversal. Local access is required to approach this attack. The exploit ha...

5.3CVSS6.3AI score0.00139EPSS
Exploits0References1
Rows per page
Query Builder