CVE-2024-47018

In pmucalraehandleseqint of flexpmucalrae.c, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-42674

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-42636

In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

CVE-2023-52345

In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed...

CVE-2024-29757

there is a possible permission bypass due to Debug certs being allowlisted. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-20049

CVE-2024-20049 affects the flashc component in MediaTek-chip devices. The vulnerability is caused by an uncaught exception in flashc, enabling possible local information disclosure with System privileges required for exploitation; no user interaction is needed. A patch is available (Patch ID: ALP...

CVE-2023-20797

In camera middleware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629582; Issue ID: ALPS07629582...

CVE-2023-33895

In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

Out-of-bounds

In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178...

CVE-2023-20732

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480...

Out-of-bounds

In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...

Design/Logic Flaw

In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way to bypass user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...

CVE-2022-20350

The CVE-2022-20350 issue affects Android’s NotificationAccessConfirmationActivity.java. It describes an input validation flaw that can trick a user into granting notification access to the wrong app, causing local information disclosure with high confidentiality impact. Affected Android versions:...

CVE-2020-0131

In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID:...