CVE-2023-40113

CVE-2023-40113 affects the Android platform (System component) and stems from a missing permission check that allowed apps to access cross‑user message data. This enables local information disclosure without extra privileges or user interaction. Public details in the provided documents are limite...

CVE-2024-0019

The CVE-2024-0019 issue affects Android’s AppOpsControllerImpl.setListening in the Framework. A missing check for active recordings can allow hiding the microphone privacy indicator when SystemUI restarts, enabling local denial of service without extra privileges. Impact is limited to DoS on the ...

CVE-2024-0029

CVE-2024-0029 describes a logic error across multiple Android files that could allow capturing the device screen in violation of device policy, enabling local elevation of privilege with no extra execution privileges required. Exploitation details are not provided in the supplied documents. Affec...

CVE-2024-0037

The CVE-2024-0037 entry describes a local information disclosure in Android’s SaveUi.java, where applyCustomDescription can view other users’ images due to a missing permission check. Exploitation is possible with local attacker privileges and does not require user interaction. Connected document...

CVE-2023-40093

CVE-2023-40093 is an information-disclosure vulnerability in Google Android where trimmed content could be included in PDF output due to a logic error. It allows local information disclosure with no user interaction; confidentiality is impacted. Public sources cite this CVE in Android security bu...

CVE-2024-0039

CVE-2024-0039 affects Android Bluetooth stack with an out-of-bounds write in attp_build_value_cmd of att_protocol.cc, enabling remote code execution over the network without user interaction. The issue stems from a missing bounds check and is present in att_protocol.cc as described across multipl...

CVE-2024-0017

CVE-2024-0017 involves a permissions bypass in the shouldUseNoOpLocation function of CameraActivity.java, creating a possible confused deputy and leading to local information disclosure without requiring additional execution privileges. Exploitation requires user interaction. The vulnerability is...

CVE-2023-40124

CVE-2023-40124 involves a local information disclosure (cross-user read) due to a confused deputy. Public docs from NVD/Red Hat/OSV describe impact as local, with no execution privileges required and no user interaction needed. Android security bulletin entries for 2023-11-01/05 group this under ...

CVE-2024-0030

CVE-2024-0030 affects the Android Bluetooth stack: the out-of-bounds read arises in btif_to_bta_response within btif_gatt_util.cc due to an incorrect bounds check. This can cause local information disclosure without extra privileges. User interaction is not required. Exploitation details (vectors...

CVE-2023-40085

CVE-2023-40085 involves a missing bounds check in ShimConverter.cpp, in the function convertSubgraphFromHAL , which can trigger a possible out-of-bounds read. This leads to local information disclosure with no additional execution privileges required and no user interaction. The connected documen...

CVE-2023-40105

CVE-2023-40105 affects the Android framework (ActivityManagerService), specifically in backupAgentCreated. The root cause is a missing permission check in this path, enabling local information disclosure. The impact is high confidentiality loss with no integrity or availability impact described, ...

CVE-2023-40112

CVE-2023-40112 describes a likely out-of-bounds read in the printer subsystem: the function ippSetValueTag in ipp.c performs a missing bounds check, potentially allowing local disclosure of past print jobs or other print-related data. Exploitation is described as local (no remote access) with no ...

CVE-2024-0016

CVE-2024-0016 is an Android/Bluetooth-related issue described as an out-of-bounds read caused by a missing bounds check. It could lead to disclosure of paired device information without any user interaction or privileges. The connected documents confirm the vulnerability exists in multiple locati...

CVE-2024-0015

CVE-2024-0015 affects the Android Framework via DreamService.java: convertToComponentName can be abused to launch arbitrary protected activities through intent redirection, enabling local elevation of privilege with low privileges and no user interaction required. Public references indicate this ...

CVE-2023-40106

CVE-2023-40106 concerns a BAL bypass in Android’s NotificationManagerService.java (sanitizeSbn) that could allow launching an activity from the background, enabling local privilege escalation without extra privileges or user interaction. Affected component is the background handling path in the A...

CVE-2024-0021

CVE-2024-0021 affects Android’s NotificationAccessConfirmationActivity in the work profile. A logic error could let an app enable notification listener services, enabling local elevation of privilege with no extra privileges; exploitation requires user interaction. The issue is documented across ...

CVE-2024-0018

The vulnerability CVE-2024-0018 affects Android Media Codecs (ColorConverter.cpp) in ColorConverter::convertYUV420Planar16ToY410, where a heap-based out-of-bounds write is possible. This could enable local escalation of privilege with no additional execution privileges and requires no user intera...

CVE-2024-0023

CVE-2024-0023: In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not needed for exploitation. Connected...

CVE-2023-40100

CVE-2023-40100 affects Android via a memory corruption in the discovery_thread of Dns64Configuration.cpp caused by a use-after-free. This can lead to local elevation of privilege with no extra execution privileges required and no user interaction needed, per multiple sources. The vulnerability is...

CVE-2024-0032

CVE-2024-0032 affects the Android Framework (FileSystemProvider.java, queryChildDocuments) and enables local escalation of privilege due to improper input validation. Impact is described as Elevation of Privilege with HIGH confidentiality/integrity/availability impact; exploit requires user inter...

CVE-2023-40111

The provided documents only repeat the CVE description (MediaSessionRecord.java, possible local privilege escalation via a confused deputy) with no additional technical details, affected versions, or fixes. Public technical details are not available here; monitor for updates.

CVE-2024-0035

The CVE 2024-0035 entry concerns Android’s TileLifecycleManager.java, specifically onNullBinding, where a missing null check could allow launching an activity from the background. This creates a local elevation of privilege with no extra execution privileges or user interaction required. Affected...

CVE-2024-0014

CVE-2024-0014: The UpdateFetcher.java startInstall path contains a logic error that could allow a malicious config update, enabling local privilege escalation with no extra privileges and no user interaction required. This vulnerability is described across multiple sources (NVD/Red Hat/UVD enrich...

CVE-2024-0041

CVE-2024-0041 describes a race condition in SystemStatusAnimationSchedulerImpl.kt (removePersistentDot) that could allow local escalation of privilege with no extra privileges and without user interaction. Connected docs corroborate the same description across multiple feeds (NVD, Red Hat, CNVD, ...

CVE-2023-40110

CVE-2023-40110 is tied to a heap buffer overflow in multiple MtpPacket.cpp functions, causing an out-of-bounds write that could enable local privilege escalation with user interaction required. Connected sources (NVD/Red Hat/PRION/CNNVD/Android bulletin) consistently reference MtpPacket.cpp as th...

CVE-2023-40107

CVE-2023-40107 concerns a use-after-free in ARTPWriter (ARTPWriter.cpp) related to uninitialized data, enabling local privilege escalation without extra user interaction. The affected component is ARTPWriter (ARTPWriter.cpp); underlying issue is use-after-free, leading to potential arbitrary code...

CVE-2024-0031

CVE-2024-0031 affects Google Android components. The vulnerability is in the function attp_build_read_by_type_value_cmd of att_protocol.cc, where improper input validation can cause an out-of-bounds write, enabling remote code execution with no privileges and no user interaction required. The pro...

CVE-2023-40114

CVE-2023-40114 relates to an out-of-bounds write caused by a use-after-free in MtpFfsHandle.cpp, leading to local elevation of privilege with no additional execution privileges required. Exploitation requires user interaction. The public details identify the affected area (Android-related code pa...

CVE-2024-0038

Summary of CVE-2024-0038: The issue lies in Android’s AccessibilityManagerService.java within the function injectInputEventToInputFilter, where a missing permission check enables arbitrary input event injection. This can lead to local escalation of privilege without additional execution privilege...

CVE-2024-0036

CVE-2024-0036 describes a logic error in startNextMatchingActivity within Android’s ActivityTaskManagerService.java that could bypass restrictions on starting activities from the background, enabling local privilege escalation without extra execution privileges and without user interaction. The v...

CVE-2023-40109

CVE-2023-40109 affects the Android USB configuration path: createFromParcel in UsbConfiguration.java. The issue enables a background activity launch via a permissions bypass, causing local privilege escalation with no extra execution privileges, requiring user interaction for exploitation. Report...

CVE-2024-0033

CVE-2024-0033 concerns Android’s ashmem-dev.cpp, where a heap buffer overflow may cause a missing seal. The effect is local elevation of privilege with no extra user interaction required, per the documents. The available sources consistently describe the issue’s presence in ashmem-dev.cpp and its...

CVE-2023-40115

The CVE-2023-40115 issue is in readLogs of StatsService.cpp, causing memory corruption via a use-after-free and enabling local privilege escalation with no extra user interaction. Multiple sources (NVD/Red Hat/OSV/PRION, etc.) confirm the vulnerability. Affected component is part of Android’s Sta...

CVE-2024-0020

CVE-2024-0020 affects the Android platform component NotificationSoundPreference.java. The flaw arises in onActivityResult, enabling a confused deputy to disclose audio files belonging to another user on the same device. Exploitation is local, requires no user interaction, and can lead to local i...

CVE-2023-40104

CVE-2023-40104 affects ca-certificates with an information-disclosure flaw due to untrusted cryptographic certificates, enabling remote read of encrypted TLS data and requiring no user interaction. Connected sources confirm this vulnerability across multiple ecosystems (NVD/Red Hat/NASL/Nessus pl...

CVE-2024-0040

CVE-2024-0040 centers on a heap buffer overflow in the setParameter function of MtpPacket.cpp, causing a possible out-of-bounds read and remote information disclosure without privileges or user interaction. Multiple trusted sources (NVD, Red Hat, PRION, Vuln enrichment, CVE lists, and Android sec...

CVE-2024-0034

Technical details beyond the BAL Bypass description are not publicly provided in the supplied documents. Monitor Android security advisories and vendor advisories for affected products, versions, and fixes.

CVE-2025-48617

CVE-2025-48617 affects Android’s CarrierConfigLoader.java, specifically overrideConfig, enabling a permissions/UID check bypass that could cause local privilege escalation with no additional execution privileges required and no user interaction. The vulnerability is tied to a local attack vector ...

CVE-2024-0044

CVE-2024-0044 is an Android framework issue in PackageInstallerService where createSessionInternal accepts an installerPackageName that is not properly validated, allowing a local attacker with adb access to run-as any app. The root cause is insufficient validation of the installerPackageName arg...

CVE-2024-0022

CVE-2024-0022 affects Android’s CompanionDeviceManagerService.java. The issue is improper input validation that can cause a NotificationAccessConfirmationActivity to be launched for another user profile, enabling local information disclosure without extra privileges and without user interaction. ...

CVE-2024-0027

The CVE-2024-0027 issue affects Google Android’s SnoozeHelper.java, where multiple methods can exhaust resources and cause a local boot loop/denial of service. Vulnerability details across connected sources consistently describe a DoS resulting from resource exhaustion with no extra privileges an...

CVE-2024-29740

CVE-2024-29740 concerns a vulnerability in the tmu_set_table function of tmu.c that enables an out-of-bounds write due to a missing bounds check. Public descriptions across multiple sources (NVD, Red Hat, CVE lists, Android Pixel bulletin) consistently state this could allow local escalation of p...

CVE-2021-0920

CVE-2021-0920 is confirmed with concrete details in the connected sources: a race condition in unix_scm_to_skb within af_unix.c can trigger a use-after-free, potentially enabling local privilege escalation on the Android kernel. The vulnerability affects the Linux kernel used in Android (via the ...

CVE-2024-23706

CVE-2024-23706 affects Google Android via health data permissions bypass in the HealthFitness pathway, caused by improper input validation. The result is local escalation of privilege with no additional execution privileges required and no user interaction needed. Affected context appears in Andr...

CVE-2019-2215

CVE-2019-2215 is a use-after-free in the Android binder driver (binder.c) that enables local privilege escalation from an app to the Linux kernel. The issue is local, with no user interaction required, and exploitation may lead to memory corruption, denial of service, or escalation per the cited ...

CVE-2021-39793

Summary of CVE-2021-39793 : A vulnerability in the Mali GPU kernel driver (kbase_jd_user_buf_pin_pages in mali_kbase_mem.c) causes an out-of-bounds write due to a logic error. This can enable local privilege escalation with no required user interaction. Affected: Android devices using Mali GPU ke...

CVE-2023-21036

The CVE-2023-21036 issue affects Google Pixel devices' Markup tool (BitmapExport.java) where a logic error prevents proper truncation of image data after edits, potentially leaving remnants of the original image in cropped/edited PNGs. Public sources (NVD/NVD entry, CVE lists) describe a local, p...

CVE-2021-1048

CVE-2021-1048 is a use-after-free in Android's upstream Linux kernel ep_loop_check_proc (eventpoll.c) that can cause memory corruption and local privilege escalation without user interaction. The issue existed in the Android kernel but upstream Linux patched it; Android device patch timing varied...

CVE-2020-0069

The CVE-2020-0069 issue affects MediaTek CMDQ driver ioctl handlers in Android kernel, where insufficient input sanitization and missing SELinux restrictions can cause an out-of-bounds write, enabling local privilege escalation without extra privileges or user interaction. Public material confirm...

CVE-2020-0041

CVE-2020-0041 affects the Android kernel binder subsystem: in binder_transaction there is an out-of-bounds write caused by an incorrect bounds check, enabling local privilege escalation with no user interaction. The vulnerability is documented across multiple advisories (upstream kernel/UTSA entr...