Lucene search
+L
GoogleAndroid

8153 matches found

cve
cve
added 2020/04/07 1:52 p.m.51 views

CVE-2017-18696

CVE-2017-18696 affects Samsung mobile devices running M(6.0) and N(7.0) on Exynos7420, Exynos8890 or MSM8996 chipsets. Affected component is unspecified in the provided documents, but the issue is described as a memory corruption vulnerability tied to RKP (Samsung’s kernel protection feature). Im...

9.8CVSS9.4AI score0.00443EPSS
cve
cve
added 2018/05/10 2:0 p.m.51 views

CVE-2017-6289

The CVE-2017-6289 issue affects NVIDIA Tegra TZ/Tee components exposed to the Android SHIELD TV platform. The connected NVIDIA security bulletin describes a vulnerability in the Tegra kernel driver that could allow a local malicious application to execute arbitrary code within the Trusted Executi...

7.8CVSS5.9AI score0.00169EPSS
cve
cve
added 2018/05/10 2:0 p.m.51 views

CVE-2017-6293

CVE-2017-6293 affects NVIDIA SHIELD TV via the Tegra X1 TZ (Widevine TA); a buffer overrun in the TZ/TEE path allows local privilege escalation. The issue is described as a local code execution/elevation of privilege on the Tegra kernel driver. Public details in the connected documents indicate t...

7.8CVSS5.3AI score0.00167EPSS
cve
cve
added 2017/08/18 6:0 p.m.51 views

CVE-2017-8267

CVE-2017-8267 affects Qualcomm components in Android CAF builds using the Linux kernel. The issue is a race condition in an IOCTL handler that can lead to an integer overflow and an out-of-bounds write. Impact is described as local, with high severity in CVSS, and no explicit exploit details prov...

7.6CVSS6.8AI score0.00362EPSS
cve
cve
added 2017/09/21 3:0 p.m.51 views

CVE-2017-9677

CVE-2017-9677 affects Qualcomm components, specifically the Audio driver, in CAF Android builds using the Linux kernel. The issue arises in msm_compr_ioctl_shared where ddp->params_length can be accessed/modified by multiple threads without proper locking, enabling race conditions. If ddp->...

7.8CVSS8AI score0.00306EPSS
cve
cve
added 2017/10/10 8:0 p.m.51 views

CVE-2017-9697

CVE-2017-9697 is a local race condition affecting Android builds (Android for MSM, Firefox OS for MSM, QRD Android) using CAF Linux kernel. The vulnerability arises in the diag_dbgfs_read_table path, where a race condition can permit access to memory that has already been freed during command reg...

7CVSS6.7AI score0.00109EPSS
cve
cve
added 2018/12/20 3:0 p.m.51 views

CVE-2018-11965

Technical details about CVE-2018-11965 are not publicly provided in the connected documents. Available entries repeat the vulnerability description without concrete affected products, versions, root cause, or fixes. Monitor for updates from official advisories.

7.8CVSS7.4AI score0.00139EPSS
cve
cve
added 2019/02/11 3:0 p.m.51 views

CVE-2018-12011

Technical details about CVE-2018-12011 are not provided in the supplied documents; no exposed affected products, versions, or remediation are specified here. Monitor for updates.

5.5CVSS5.2AI score0.0014EPSS
cve
cve
added 2020/04/08 4:18 p.m.51 views

CVE-2018-21038

CVE-2018-21038 concerns Samsung mobile devices running N(7.x) software, where the Secure Folder app’s startup logic permits an authentication bypass. The vulnerability is tied to the Secure Folder startup sequence, enabling bypass of authentication for affected devices (Samsung ID SVE-2018-11628)...

9.8CVSS9.5AI score0.00506EPSS
cve
cve
added 2020/04/08 5:8 p.m.51 views

CVE-2018-21043

Summary: CVE-2018-21043 affects Samsung mobile devices with O(8.x) and P(9.0) (Exynos 9810) where a information disclosure vulnerability exists in the kernel pointer handling within the g2d_drv driver caused by logging. Affected software/hardware (documented): Samsung mobile devices running O(8.x...

3.3CVSS3.9AI score0.00132EPSS
cve
cve
added 2020/04/08 5:37 p.m.51 views

CVE-2018-21049

CVE-2018-21049 affects Samsung mobile devices with N7.x/O8.x (Exynos). The issue is an arbitrary memory write in a Trustlet caused by a secure driver exposing access to sensitive APIs (Samsung ID SVE-2018-12881). CVSS v3.1 base score 9.8 (CRITICAL): Network attack, no user interaction, high impac...

10CVSS9.3AI score0.00564EPSS
cve
cve
added 2020/04/08 5:27 p.m.51 views

CVE-2018-21064

The CVE-2018-21064 entry concerns Samsung mobile devices running N(7.x)/O(8.x) software, where an array overflow exists in a driver’s input booster (Samsung SVE-2017-11816). The issue is documented across multiple feeds, with high-severity metrics (CVSS v3.1 base score 9.8, impact on confidential...

9.8CVSS9.5AI score0.00443EPSS
cve
cve
added 2018/06/12 8:0 p.m.51 views

CVE-2018-3571

Summary: CVE-2018-3571 affects the Qualcomm KGSL driver used in Android CAF/Linux kernel releases. The vulnerability is a Use-After-Free condition that can occur when printing information about sparse memory allocations. Impact (as described): Local attacker could potentially cause memory corrupt...

7.8CVSS7.1AI score0.00165EPSS
cve
cve
added 2018/04/03 5:0 p.m.51 views

CVE-2018-5825

CVE-2018-5825 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds with CAF Linux kernels prior to the 2018-04-05 patch level. The kernel IPA driver contains a Use-After-Free condition in the IPA subsystem, as described in the NVD record. The vulnerability is rated with CV...

7.8CVSS7.2AI score0.00158EPSS
cve
cve
added 2018/11/27 6:0 p.m.51 views

CVE-2018-5904

CVE-2018-5904 describes a use-after-free vulnerability in the LPM status driver within CAF Linux kernel branches used by Android for MSM, Firefox OS for MSM, and QRD Android. The flaw arises during list traversal for cleanup, enabling a local attacker to potentially exploit the condition. The NVD...

7.8CVSS7.5AI score0.00187EPSS
cve
cve
added 2018/11/27 6:0 p.m.51 views

CVE-2018-5906

CVE-2018-5906 affects Android releases (CAF builds) using the Linux kernel, specifically the debugfs module. The root cause is a missing validation of input size before copying into a buffer, leading to a potential buffer overflow. The vulnerability is described across multiple sources (NVD, CVE ...

7.8CVSS7.6AI score0.0019EPSS
cve
cve
added 2024/11/19 7:17 p.m.51 views

CVE-2018-9369

CVE-2018-9369 describes a local elevation-of-privilege in the bootloader where a fastboot command allows a user to pass kernel command line arguments. The root cause is the bootloader’s handling of user-supplied kernel parameters, enabling a local attacker to gain higher privileges without additi...

7.8CVSS6.9AI score0.00082EPSS
cve
cve
added 2024/11/19 9:25 p.m.51 views

CVE-2018-9428

CVE-2018-9428 : The issue affects Android’s AAudio service (AAudioServiceStreamBase.cpp, startDevice) and is caused by an out-of-bounds write stemming from a use-after-free. This can lead to local arbitrary code execution with high impact (confidentiality, integrity, and availability) as describe...

8.4CVSS7.5AI score0.00083EPSS
cve
cve
added 2018/11/06 5:0 p.m.51 views

CVE-2018-9446

CVE-2018-9446 affects Android devices via an out-of-bounds write in smp_br_state_machine_event within smp_br_main.cc caused by memory corruption. This could enable remote code execution with no additional privileges and no user interaction required. Affected versions include Android 6.0 through 8...

10CVSS8.2AI score0.02056EPSS
cve
cve
added 2018/11/06 5:0 p.m.51 views

CVE-2018-9458

The CVE-2018-9458 issue affects Android 8.0–8.1, rooted in computeFocusedWindow/RootWindowContainer.java where focus can be on the wrong window, enabling interception of keypresses and local elevation of privilege with user interaction required for exploitation. This could expose user keystrokes ...

7.8CVSS6.8AI score0.0057EPSS
cve
cve
added 2018/10/02 7:0 p.m.51 views

CVE-2018-9504

CVE-2018-9504 affects Android Bluetooth SDP discovery: a possible out-of-bounds write in sdp_copy_raw_data (sdp_discovery.cc) due to an incorrect bounds check, enabling remote code execution with no user interaction. Affected Android versions include 7.0–9.0; exploitation status and specific patc...

8.8CVSS8.8AI score0.00893EPSS
cve
cve
added 2019/02/12 12:0 a.m.51 views

CVE-2018-9588

CVE-2018-9588 affects Android 7.0–9, specifically the avdt_scb_hdl_report path in avdt_scb_act.cc. The vulnerability involves an out-of-bounds read due to a missing bounds check, enabling remote information disclosure over Bluetooth without user interaction. Impact is limited to the reported Andr...

6.5CVSS5.5AI score0.00509EPSS
cve
cve
added 2019/02/12 12:0 a.m.51 views

CVE-2018-9590

CVE-2018-9590 affects Android 7.0–9, described as an out-of-bounds read in add_attr() within sdp_discovery.c. The issue could enable remote information disclosure without user interaction and with network access as the attack vector; no exploitation details are provided in the connected documents...

7.5CVSS5.7AI score0.01335EPSS
cve
cve
added 2019/02/12 12:0 a.m.51 views

CVE-2018-9593

Technical details about CVE-2018-9593 are not publicly available in the provided connected documents. Monitor for updates from official sources.

6.5CVSS5.3AI score0.00314EPSS
cve
cve
added 2019/02/28 5:0 p.m.51 views

CVE-2019-1995

CVE-2019-1995 affects Android (versions 7.0–9) in the ComposeActivityEmail class. The flaw enables a "confused deputy" scenario where an app could silently attach files to an outgoing email, causing local information disclosure and potentially sending files accessible to AOSP Mail to a remote rec...

5.5CVSS5.4AI score0.00179EPSS
cve
cve
added 2020/03/24 5:42 p.m.51 views

CVE-2019-20533

CVE-2019-20533 affects Samsung mobile devices running N(7.x), O(8.x), and P(9.0) (China/India releases). The issue: the S Secure app can launch masked apps without a password. Root cause and technical specifics beyond this summary are not provided in the connected documents. The entry references ...

3.3CVSS4.3AI score0.00118EPSS
cve
cve
added 2020/03/24 5:54 p.m.51 views

CVE-2019-20542

CVE-2019-20542 affects Samsung mobile devices running Android N (7.1), O (8.x), and P (9.0) on Exynos chipsets. The issue is a kernel driver stack overflow. No exploit details or specific vulnerable components/version numbers are provided beyond this description. No remediation or patch version i...

7.8CVSS7.7AI score0.00136EPSS
cve
cve
added 2020/03/24 6:18 p.m.51 views

CVE-2019-20551

CVE-2019-20551 affects Samsung mobile devices running N(7.x), O(8.x), and P(9.0). The issue allows bypassing Factory Reset Protection (FRP) via a Class 0 Type Message, as noted with Samsung ID SVE-2019-14941 (October 2019). Connected Red Hat/Redundancy sources reiterate the same FRP bypass claim;...

7.5CVSS7.5AI score0.00364EPSS
cve
cve
added 2020/03/24 7:47 p.m.51 views

CVE-2019-20576

The CVE-2019-20576 issue affects Samsung mobile devices running P(9.0) software. Affected component: MemorySaver Content Provider, which permits SQL injection. The root cause is an injection vulnerability in the Content Provider’s handling of queries, enabling a remote attacker to manipulate the ...

9.8CVSS9.8AI score0.00399EPSS
cve
cve
added 2020/04/17 1:41 p.m.51 views

CVE-2019-20778

Summary: CVE-2019-20778 affects LG Android devices (versions 7.0–9.0) with the Backup subsystem failing to properly restrict operations or validate input. This leads to a potential impact on confidentiality, integrity, and availability as indicated by CVSS metrics (3.1: HIGH/HIGH/HIGH; 2.0: PARTI...

9.8CVSS9.2AI score0.00443EPSS
cve
cve
added 2019/08/20 7:51 p.m.51 views

CVE-2019-2132

CVE-2019-2132: Android vulnerability allowing an overlay of the VPN dialog by a malicious app, enabling local elevation of privilege. Exploitation requires user interaction and does not require additional execution privileges. Affected: Android versions 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9. The issue i...

9.3CVSS7.6AI score0.00519EPSS
cve
cve
added 2019/09/27 6:5 p.m.51 views

CVE-2019-2164

CVE-2019-2164 affects Android 10 due to an out-of-bounds read in libxaac caused by a missing bounds check. This could disclose information without full execution privileges; exploitation requires user interaction. The Red Hat entry confirms the same description; no patch/version details are provi...

6.5CVSS6.4AI score0.00583EPSS
cve
cve
added 2019/09/27 6:5 p.m.51 views

CVE-2019-9282

CVE-2019-9282 affects Google’s Skia library used in Android 10. The issue is an out-of-bounds read due to a missing bounds check, enabling remote information disclosure with no execution privileges and requiring user interaction to exploit. The Android security release notes indicate fixes are pa...

6.5CVSS6.4AI score0.00732EPSS
cve
cve
added 2019/09/27 6:5 p.m.51 views

CVE-2019-9285

CVE-2019-9285 describes an out-of-bounds read in Bluetooth on Android 10 due to a missing bounds check. Exploitation could lead to remote DoS without user interaction. Affected product/variant: Android 10 (Android ID: A-111215315). Public metrics: CVSSv3.1 base score 7.5 (High) with network attac...

7.5CVSS7.6AI score0.00797EPSS
cve
cve
added 2019/09/27 6:5 p.m.51 views

CVE-2019-9343

CVE-2019-9343 affects the Bluetooth stack in Android 10. The vulnerability arises from a missing bounds check that enables an out-of-bounds read, leading to remote information disclosure without requiring privileges or user interaction. Impact is confined to information disclosure; no exploitatio...

7.5CVSS7.2AI score0.00804EPSS
cve
cve
added 2019/09/27 6:5 p.m.51 views

CVE-2019-9428

CVE-2019-9428 affects the Android Framework. The issue arises from BROWSEABLE intents that can allow remote disclosure of sensitive URLs, with exploitation requiring user interaction. Affected product/version: Android 10 (Android Framework). Root cause: abuse of BROWSEABLE intents enabling inform...

6.5CVSS6.4AI score0.00856EPSS
cve
cve
added 2020/03/10 8:1 p.m.51 views

CVE-2020-0083

The CVE-2020-0083 issue affects Android 10 where a logic error in setRequirePmfInternal within sta_network.cpp can cause a default value to be misapplied, enabling a remote DoS without user interaction. The Pixel bulletin and Android bulletin indicate this belongs to the System component with a D...

7.5CVSS7.7AI score0.00888EPSS
cve
cve
added 2020/05/14 8:10 p.m.51 views

CVE-2020-0106

CVE-2020-0106 affects Android 10. The issue is in PhoneInterfaceManager.getCellLocation, where a missing SDK version check allows a local attacker to bypass a permission check and disclose information without extra privileges. Impacted: local information disclosure; no user interaction required. ...

5.5CVSS5.1AI score0.00133EPSS
cve
cve
added 2020/06/11 2:43 p.m.51 views

CVE-2020-0145

CVE-2020-0145 affects Android 10, with a flaw in btm_simple_pair_complete in btm_sec.cc that can trigger an out-of-bounds read due to a missing bounds check. This could lead to local information disclosure on a device with System privileges, and exploitation requires no user interaction. The avai...

4.4CVSS5.6AI score0.00143EPSS
cve
cve
added 2020/06/11 2:43 p.m.51 views

CVE-2020-0212

CVE-2020-0212 is a concrete Android security vulnerability affecting Android 10. The issue is an out-of-bounds read caused by a use-after-free in InputBufferManager.cpp (_onBufferDestroyed), potentially enabling remote information disclosure with no execution privilege, requiring user interaction...

6.5CVSS6.5AI score0.00732EPSS
cve
cve
added 2020/09/18 3:2 p.m.51 views

CVE-2020-0268

CVE-2020-0268 affects Android 11. In the NFC stack, a race condition can cause a use-after-free, enabling local escalation of privilege to System privileges without user interaction. Impact is described as local, with a High/Moderate multi-source assessment in public records; exploitation status ...

6.4CVSS7AI score0.00108EPSS
cve
cve
added 2020/09/18 3:7 p.m.51 views

CVE-2020-0269

In CVE-2020-0269, Android Auto Settings contains an unsafe PendingIntent allowing a local information disclosure. Affected: Android 11 (Android Auto Settings). Root cause: permission bypass enabling information leakage without user interaction, though user privileges are required. Exploitation is...

5.5CVSS5.8AI score0.00149EPSS
cve
cve
added 2020/09/18 3:8 p.m.51 views

CVE-2020-0276

CVE-2020-0276 affects Android 11 in the Telephony component, where a missing permission check allows a local information disclosure without extra execution privileges. The issue is exploitable locally, with no user interaction required, according to the description. Impact is partial confidential...

5.5CVSS5.7AI score0.00133EPSS
cve
cve
added 2020/09/18 3:21 p.m.51 views

CVE-2020-0286

The CVE-2020-0286 entry describes a vulnerability in Android 11's Bluetooth AVRCP where residual data can leak audio metadata, enabling remote information disclosure without privileges or user interaction via a network vector. Affected software is Android 11 (Bluetooth AVRCP); the underlying issu...

7.5CVSS7.3AI score0.00804EPSS
cve
cve
added 2020/09/17 8:52 p.m.51 views

CVE-2020-0356

CVE-2020-0356 affects the Android Audio HAL. The issue is an out-of-bounds write caused by an incorrect bounds check, enabling local privilege escalation with system-level execution privileges. Exploitation does not require user interaction. The vulnerability is documented across multiple sources...

6.7CVSS7.2AI score0.0015EPSS
cve
cve
added 2020/03/24 5:32 p.m.51 views

CVE-2020-10849

Technical details (affected components, root cause, impact, or fixes) are not publicly disclosed in the provided documents. Monitor for updates from official sources as additional details may be published later.

9.8CVSS9.3AI score0.00404EPSS
cve
cve
added 2020/05/11 3:15 p.m.51 views

CVE-2020-12747

CVE-2020-12747 relates to Samsung mobile devices with Q(10.0) using Exynos980/9630 and Exynos990/9830. The issue is a heap-based buffer overflow in the Bootloader caused by mishandling of specific commands. The vulnerability affects the boot process and could lead to unauthorized code execution a...

9.8CVSS9.7AI score0.0044EPSS
cve
cve
added 2020/08/31 8:45 p.m.51 views

CVE-2020-25064

Technical details (affected products, vulnerable component, root cause, exploit information) are not provided in the connected documents. Monitor for updates from LG/Security advisories.

7.5CVSS7.5AI score0.00346EPSS
cve
cve
added 2020/12/18 8:45 a.m.51 views

CVE-2020-35551

CVE-2020-35551 describes a RPMB state-change vulnerability in Samsung mobile devices with Exynos (O(8.x), P(9.0), Q(10.0)) where an unauthorized RPMB write can be replayed, enabling replay attacks. Root cause centers on RPMB state manipulation; the issue is related to CVE-2020-13799. Documented i...

9.8CVSS7.1AI score0.00421EPSS
cve
cve
added 2021/02/04 5:10 p.m.51 views

CVE-2021-0350

CVE-2021-0350 affects Android devices running Android-8.1, Android-9, Android-10, and Android-11. The issue is in the generic governance of input handling in the component described as “ged,” caused by improper input validation, which can cause a local denial of service and requires system execut...

4.9CVSS4.6AI score0.00147EPSS
Total number of security vulnerabilities8153