Lucene search
+L

489 matches found

Cvelist
Cvelist
added 2025/05/27 8:43 p.m.16 views

CVE-2025-5066

Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00406EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:6 a.m.10 views

CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file...

5.5CVSS6.8AI score0.00182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:13 a.m.7 views

CVE-2024-53701

Multiple FCNT Android devices provide the original security features such as "privacy mode" where arbitrary applications can be set not to be displayed, etc. Under certain conditions, and when an attacker can directly operate the device which its screen is unlocked by a user, the provided securit...

3.1CVSS7AI score0.00205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:8 a.m.11 views

CVE-2024-2365

A vulnerability classified as problematic was found in Musicshelf 1.0/1.1 on Android. Affected by this vulnerability is an unknown functionality of the file io\fabric\sdk\android\services\network\PinningTrustManager.java of the component SHA-1 Handler. The manipulation leads to password hash with...

4.2CVSS4.5AI score0.00277EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:16 a.m.9 views

CVE-2024-47022

Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-331255656...

7.5CVSS6.6AI score0.0016EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.8 views

CVE-2023-20952

In A2DPBuildCodecHeaderSbc of a2dpsbc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

5.5CVSS5.4AI score0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:20 a.m.9 views

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

3.4CVSS6.8AI score0.00165EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:15 a.m.9 views

CVE-2023-49794

KernelSU is a Kernel-based root solution for Android devices. In versions 0.7.1 and prior, the logic of get apk path in KernelSU kernel module can be bypassed, which causes any malicious apk named me.weishu.kernelsu get root permission. If a KernelSU module installed device try to install any not...

7.8CVSS6.8AI score0.00254EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:43 a.m.17 views

CVE-2023-20924

In TBD of TBD, there is a possible way to bypass the lockscreen due to Biometric Auth Failure. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

6.8CVSS6.9AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:32 a.m.7 views

CVE-2022-4457

Due to a misconfiguration in the manifest file of the WARP client for Android, it was possible to a perform a task hijacking attack. An attacker could create a malicious mobile application which could hijack legitimate app and steal potentially sensitive information when installed on the victim's...

5.5CVSS6.5AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:35 p.m.3 views

CVE-2022-20408

Product: AndroidVersions: Android kernelAndroid ID: A-204782372References: N/A...

7.5CVSS6.9AI score0.00277EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 p.m.11 views

CVE-2022-20125

In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...

7.2CVSS7AI score0.00129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:19 p.m.5 views

CVE-2022-20411

In avdtmsgasmbl of avdtmsg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

8.8CVSS7.8AI score0.01868EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:6 p.m.9 views

CVE-2022-20425

In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of performance due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

5.5CVSS7.3AI score0.00128EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:57 p.m.10 views

CVE-2020-0416

In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9...

9.3CVSS7AI score0.01252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:30 p.m.8 views

CVE-2020-0105

In onKeyguardVisibilityChanged of keystoreservice.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowing apps to use keyguard-bound keys when the screen is locked, with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7AI score0.00138EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:13 p.m.12 views

CVE-2012-6422

The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions 0666 for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted...

9.3CVSS6.8AI score0.15156EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:21 a.m.12 views

CVE-2019-15027

The MediaTek Embedded Multimedia Card eMMC subsystem for Android on MT65xx, MT66xx, and MT8163 SoC devices allows attackers to execute arbitrary commands as root via shell metacharacters in a filename under /data, because clearemmcnomediaentry in platform/mt6577/external/meta/emmc/metaclremmc.c...

10CVSS7.9AI score0.03181EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:48 a.m.9 views

CVE-2011-4872

Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a craft...

2.6CVSS6.9AI score0.01396EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:56 a.m.4 views

CVE-2019-9341

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214770...

7.5CVSS6.5AI score0.00804EPSS
Exploits0References1
Rows per page
Query Builder