Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from the smmudetachdev function’s ability to re-use memory after it is released. This can lead to out-of-bound writing and local privilege...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from heap buffer overflows and may lead to remote code execution...

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by the American company Google. Google Android has security vulnerabilities, which stem from the lack of boundary checks, potentially leading to local privilege escalation...

CVE-2026-26227

VLC for Android prior to 3.7.0 contains an authentication bypass in the Remote Access Server due to missing rate limiting on the 4‑digit OTP verification. An attacker reachable on the network can repeatedly attempt OTP checks within the OTP validity window, potentially obtaining a valid user_sess...

Exploit for CVE-2010-2568

Zero Click Exploits Android, OSX, Linux, Windows, iOS, IoT, S...

CVE-2026-24004 Fleet: Unauthenticated Android device disenrollment vulnerability via Pub/Sub endpoint

Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fleet’s Android MDM Pub/Sub handling could allow unauthenticated requests to trigger device unenrollment events. This may result in unauthorized removal of individual Android devices from Fleet...

UBUNTU-CVE-2026-2800

Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

CVE-2026-2800

Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability affects Firefox 148 and Thunderbird 148...

UBUNTU-CVE-2026-23128

In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...

Exploit for Deserialization of Untrusted Data in Google Android

CVE-2024-31317 Deployer !Licensehttps://img.shields.io/bad...

Android Security Bulletin—February 2026Stay organized with collectionsSave and categorize content based on your preferences.

This Android Security Bulletin contains details of security vulnerabilities that affect Android devices. Security patch levels of 2026-02-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Within 48 hours afte...

CVE-2026-0901

Inappropriate implementation in Blink in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003309)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003309 advisory. In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over- read vulnerability. Tenable has extracted the preceding...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003067)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003067 advisory. An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious...

CVE-2023-29543

An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

CVE-2023-29732

SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method to modify the SharedPreference file. The attacker can use the method to modify the data in any SharedPreference file, these data will be loaded into the memory when the application is opened. Dependi...

CVE-2018-6349

When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for Android prior to 2.18.248 and WhatsApp Business for Android prior to 2.18.132...

CVE-2021-41034

The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...

CVE-2021-0510

In decrypt12 of CryptoPlugin.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10...

CVE-2021-0644

In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...