Legacy apps bypass restrict to insert/update files to other app's external private dirs
In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
[Security flaw in WI-FI reset settings]
In factoryReset of WifiServiceImpl.java, there is a possible way to preserve WiFi settings due to a logic error in the code. This could lead to local non-security issues across resets with no additional execution privileges needed. User interaction is not needed for...
6.4AI Score
EPSS
[Out of Bounds Read and Write in configureProducer in C2BqBuffer.cpp in libcodec2_vndk]
In Import of C2SurfaceSyncObj.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for...
4.4CVSS
6.5AI Score
0.0004EPSS
In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
9.2AI Score
0.003EPSS
Potential Intent Redirection issue in SettingsActivity of Settings app
In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
8.8CVSS
6.9AI Score
0.001EPSS
Microphone privacy indicator can be bypassed by any app
In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Delete arbitrary files with system permissions via DevicePolicyManager#clearApplicationUserData
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Permanent denial of service via NotificationManager#addAutomaticZenRule
In addAutomaticZenRule of ZenModeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
5.9AI Score
0.0004EPSS
Linux kernel vulnerability advisory
In multiple functions of many files, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.9AI Score
0.0004EPSS
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Binder VMA management security issues
In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
: wifi: cfg80211: avoid nontransmitted BSS list corruption
In cfg80211_add_nontrans_list of scan.c, there is a possible way to corrupt a list due to a logic error in the code. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
7.2AI Score
0.0004EPSS
: fix u8 overflow in cfg80211_update_notlisted_nontrans
In cfg80211_update_notlisted_nontrans of scan.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
8.1CVSS
8.4AI Score
0.002EPSS
Speculative Target Reuse Attacks
In specific ARM processors, there is a possible side-channel information leak due to a hardware flaw. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.6CVSS
7AI Score
0.001EPSS
In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...
7.3CVSS
7.1AI Score
0.0004EPSS
[INTERNAL SHADOW][Zebra] FLAG_SECURE is not included in KeyGaurd and Set Pin/Password screen
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...
5.5CVSS
5.1AI Score
0.0004EPSS
In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for...
4.4CVSS
6.6AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
[Race Condition in setSecurityLevel Function in DrmPlugin.cpp in [email protected]]
In getSecurityLevel and setSecurityLevel of DrmPlugin.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
6.8AI Score
0.0004EPSS
Delivery of new intents to protected activities via Activity#navigateUpTo() API
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not...
7.8CVSS
6.7AI Score
0.0004EPSS
[Out of Bounds Write in phNxpNciHal_write_unlocked Function in phNxpNciHal.cc in nfc_nci_nxp]
In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
Path traversal in MmsProvider#update leading to permanent DoS
In update of MmsProvider.java, there is a possible constriction of directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is needed for...
5.5CVSS
6.3AI Score
0.0005EPSS
[Android 13 Beta] [Heap Use After Free in PAN_WriteBuf Function in pan_api.cc in libbt-stack]
In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for...
6.5CVSS
6.2AI Score
0.001EPSS
[local root on the latest Pixel6]
In io_match_task of io_uring.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
8AI Score
0.0004EPSS
Bypass fix of CVE-2022-20143: Bypass zen rule limit with different configuration Activity
In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of performance due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for...
5.5CVSS
6.5AI Score
0.0004EPSS
In SettingsActivity.java, there is a possible way to make a device discoverable over Bluetooth, without permission or user interaction, due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
7.1AI Score
0.0004EPSS
Path Traversal in MediaProvider#delete
In checkAccess of MediaProvider.java, there is a possible file deletion due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
Vulnerability: external/expat (bufferSize)
In XML_GetBuffer of xmlparse.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
9AI Score
0.014EPSS
[surfaceflinger EventThreadConnection::stealReceiveChannel fdsan crash]
In stealReceiveChannel of EventThread.cpp, there is a possible way to interfere with process communication due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7CVSS
7.1AI Score
0.0004EPSS
Exploiting BLURtooth [CVE-2020-15802] on a Pixel 6
In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.2AI Score
0.001EPSS
In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.1AI Score
0.0004EPSS
Built-In VPN "Magically" Disabled Itself When Entering WiFi
In onDefaultNetworkChanged of Vpn.java, there is a possible way to disable VPN due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7AI Score
0.0004EPSS
[Crafted HFP Client Packet Causes Out-of-bounds Read in Bluetooth]
In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for...
7.5CVSS
6.5AI Score
0.001EPSS
Starting an Unnoticed ForegroundService by Providing Malformed Notification Extra
In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run a foreground service without showing a notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction.....
7.8CVSS
7.5AI Score
0.0004EPSS
SF Security Vulnerability, Privilege Escalation through transaction merging
In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...
3.9CVSS
7.1AI Score
0.0004EPSS
C2FuzzerVorbisDec: Heap-use-after-free in android::C2DmaBufAllocation::unmap
In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for...
6.5CVSS
6.8AI Score
0.001EPSS
Path traversal in CallLogProvider
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
CRLF Injection in KeyChainActivity can trick user into disclosing keys in KeyChain
In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for...
5.5CVSS
6.2AI Score
0.0004EPSS
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score
7.1AI Score