20 matches found
CVE-2025-48650
In multiple locations, there is a possible information disclosure due to SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-38695
In BootRom, there's a possible unchecked command index. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2022-39114
In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed...
CVE-2021-39631
In cleardatadlgtext of strings.xml, there is a possible situation when "Clear storage" functionality sets up the wrong security/privacy expectations due to a misleading message. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...
CVE-2023-42635
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...
PT-2023-18165 · Sim · Sim
Name of the Vulnerable Software and Affected Versions: Sim affected versions not specified Description: The issue is related to a permission bypass that allows evading mobile preference restrictions. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2023-38438
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges...
CVE-2023-33916
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges...
Out-of-bounds
In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-33901
In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...
CVE-2023-33902
In bluetooth service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...
CVE-2023-30931
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...
CVE-2022-47479
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...
Information disclosure
In AppOpsService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20022
In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. Use...
Google Android 信息泄露漏洞
Google Android is a Linux-based open source operating system from Google, Inc. An information disclosure vulnerability exists in Google Android, which can be exploited by attackers to cause local information disclosure without additional execution privileges...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google Inc. in the United States. Google Android suffers from a security vulnerability that could lead to the disclosure of remote information without additional execution privileges...
CVE-2020-0464
In resolvcachelookup of rescache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Heap overflow
In ideintweaveblk of ideintutils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-1403248...
CVE-2019-2169
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492282...