Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleAndroid

7579 matches found

CVE
CVEadded 2021/06/22 12:15 p.m.36 views

CVE-2021-0538

In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: ...

7.3CVSS7.2AI score0.00014EPSS
CVE
CVEadded 2021/06/22 12:15 p.m.36 views

CVE-2021-0549

In sspRequestCallback of BondStateMachine.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: A...

4.4CVSS4.1AI score0.00016EPSS
CVE
CVEadded 2021/09/21 1:15 p.m.36 views

CVE-2021-0869

In GetTimeStampAndPkt of DumpstateDevice.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel...

9.8CVSS9.1AI score0.0137EPSS
CVE
CVEadded 2021/12/15 7:15 p.m.36 views

CVE-2021-0986

In hasGrantedPolicy of DevicePolicyManagerService.java, there is a possible information disclosure about the device owner, profile owner, or device admin due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interactio...

5.5CVSS5.1AI score0.00041EPSS
CVE
CVEadded 2021/12/15 7:15 p.m.36 views

CVE-2021-1002

In WT_Interpolate of eas_wtengine.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID:...

7.5CVSS7AI score0.00289EPSS
CVE
CVEadded 2021/10/06 6:15 p.m.36 views

CVE-2021-25478

A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.

7.2CVSS7.4AI score0.00231EPSS
CVE
CVEadded 2021/12/15 7:15 p.m.36 views

CVE-2021-39639

In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check. This could lead to local escalation of privilege with physical access to device internals with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andro...

7.2CVSS6.6AI score0.00013EPSS
CVE
CVEadded 2022/01/14 8:15 p.m.36 views

CVE-2021-39681

In delete_protocol of main.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-...

7.8CVSS7.9AI score0.00018EPSS
CVE
CVEadded 2020/05/14 9:15 p.m.35 views

CVE-2020-0220

In crus_afe_callback of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAnd...

6.7CVSS7.2AI score0.00016EPSS
CVE
CVEadded 2020/09/18 4:15 p.m.35 views

CVE-2020-0271

In the Settings app, there is an insecure default value. This could lead to local escalation of privilege and tapjacking with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144507081

7.3CVSS7.7AI score0.00015EPSS
CVE
CVEadded 2020/09/18 4:15 p.m.35 views

CVE-2020-0281

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137857778

4.5CVSS5.2AI score0.00205EPSS
CVE
CVEadded 2020/09/18 4:15 p.m.35 views

CVE-2020-0284

In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156253784

5.5CVSS5.7AI score0.00015EPSS
CVE
CVEadded 2020/09/18 4:15 p.m.35 views

CVE-2020-0311

In InputManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153878642

5.5CVSS5.7AI score0.00017EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.35 views

CVE-2020-0344

In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-140729887

5.5CVSS6.1AI score0.00026EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.35 views

CVE-2020-0358

In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150227563

6.4CVSS7AI score0.00015EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.35 views

CVE-2020-0362

In libstagefright, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-123237930

6.5CVSS6.9AI score0.00294EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.35 views

CVE-2020-0363

In libmedia, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-132274514

6.5CVSS6.9AI score0.00294EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.35 views

CVE-2020-0490

In floor1_info_unpack of floor1.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155...

6.5CVSS6.5AI score0.00244EPSS
CVE
CVEadded 2020/08/31 9:15 p.m.35 views

CVE-2020-25050

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. The CMC service allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (August 2020).

7.5CVSS7.4AI score0.00123EPSS
CVE
CVEadded 2020/08/31 9:15 p.m.35 views

CVE-2020-25058

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. The network_management service does not properly restrict configuration changes. The LG ID is LVE-SMP-200012 (July 2020).

9.8CVSS9.2AI score0.00147EPSS
CVE
CVEadded 2020/09/11 10:15 p.m.35 views

CVE-2020-25278

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung IDs are SVE-2020-18088, SVE-2020-18225, SV...

9.8CVSS9.6AI score0.00187EPSS
CVE
CVEadded 2020/12/15 5:15 p.m.35 views

CVE-2020-27044

In restartWrite of Parcel.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157066561

7.8CVSS8.3AI score0.00018EPSS
CVE
CVEadded 2020/12/18 9:15 a.m.35 views

CVE-2020-35555

An issue was discovered on LG mobile devices with Android OS 10 software. When a dual-screen configuration is supported, the device does not lock upon disconnection of a call with the cover closed. The LG ID is LVE-SMP-200027 (December 2020).

7.8CVSS7.5AI score0.00016EPSS
CVE
CVEadded 2021/02/04 7:15 p.m.35 views

CVE-2021-0343

In kisd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05449962.

7.2CVSS6.7AI score0.00012EPSS
CVE
CVEadded 2021/02/04 7:15 p.m.35 views

CVE-2021-0349

In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS0...

7.2CVSS6.8AI score0.00019EPSS
CVE
CVEadded 2021/02/03 12:15 a.m.35 views

CVE-2021-0353

In kisd, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425247.

6.7CVSS6.9AI score0.0001EPSS
CVE
CVEadded 2021/02/03 12:15 a.m.35 views

CVE-2021-0355

In kisd, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425581.

6.7CVSS6.7AI score0.0002EPSS
CVE
CVEadded 2021/02/03 12:15 a.m.35 views

CVE-2021-0358

In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05442022.

6.7CVSS6.9AI score0.00117EPSS
CVE
CVEadded 2021/03/10 4:15 p.m.35 views

CVE-2021-0368

In oggpack_look of bitwise.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-16982977...

6.5CVSS6.1AI score0.00215EPSS
CVE
CVEadded 2021/03/10 4:15 p.m.35 views

CVE-2021-0377

In DeltaPerformer::Write of delta_performer.cc, there is a possible use of untrusted input due to improper input validation. This could lead to a local bypass of defense in depth protections with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...

5.5CVSS5.4AI score0.00015EPSS
CVE
CVEadded 2021/03/10 5:15 p.m.35 views

CVE-2021-0379

In getUpTo17bits of pvmp3_getbits.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A...

6.5CVSS6.3AI score0.00362EPSS
CVE
CVEadded 2021/03/10 5:15 p.m.35 views

CVE-2021-0460

In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-15...

4.4CVSS4.2AI score0.00016EPSS
CVE
CVEadded 2021/06/11 5:15 p.m.35 views

CVE-2021-0494

In memory management driver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183461...

7.8CVSS7.7AI score0.00016EPSS
CVE
CVEadded 2021/10/25 2:15 p.m.35 views

CVE-2021-0614

In asf extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05495528; Issue ID: ALPS05495528.

5.5CVSS5AI score0.00015EPSS
CVE
CVEadded 2021/10/25 2:15 p.m.35 views

CVE-2021-0630

In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05551397; Issue ID: ALPS05551397.

7.5CVSS7.3AI score0.00771EPSS
CVE
CVEadded 2021/10/25 2:15 p.m.35 views

CVE-2021-0633

In display driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05585423; Issue ID: ALPS05585423.

7.2CVSS6.7AI score0.00014EPSS
CVE
CVEadded 2021/10/25 2:15 p.m.35 views

CVE-2021-0662

In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844434; Issue ID: ALPS05844434.

7.2CVSS6.9AI score0.00021EPSS
CVE
CVEadded 2021/11/18 3:15 p.m.35 views

CVE-2021-0671

In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05664273; Issue ID: ALPS05664273.

7.2CVSS6.8AI score0.00013EPSS
CVE
CVEadded 2021/12/17 5:15 p.m.35 views

CVE-2021-0898

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672071.

6.7CVSS6.8AI score0.00018EPSS
CVE
CVEadded 2021/12/17 5:15 p.m.35 views

CVE-2021-0903

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05656488.

6.7CVSS6.7AI score0.00015EPSS
CVE
CVEadded 2021/06/11 3:15 p.m.35 views

CVE-2021-25385

An improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

9.8CVSS9.6AI score0.00187EPSS
CVE
CVEadded 2021/06/11 3:15 p.m.35 views

CVE-2021-25388

Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app.

7.1CVSS7.3AI score0.00009EPSS
CVE
CVEadded 2021/06/11 3:15 p.m.35 views

CVE-2021-25389

Improper running task check in S Secure prior to SMR MAY-2021 Release 1 allows attackers to use locked app without authentication.

6.1CVSS6.2AI score0.0002EPSS
CVE
CVEadded 2021/07/08 2:15 p.m.35 views

CVE-2021-25427

SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information

6.5CVSS6.6AI score0.00059EPSS
CVE
CVEadded 2021/07/08 2:15 p.m.35 views

CVE-2021-25429

Improper privilege management vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application.

4.3CVSS4.5AI score0.0003EPSS
CVE
CVEadded 2021/07/08 2:15 p.m.35 views

CVE-2021-25430

Improper access control vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application.

4.3CVSS4.5AI score0.0003EPSS
CVE
CVEadded 2021/09/09 7:15 p.m.35 views

CVE-2021-25449

An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process.

9.8CVSS9.6AI score0.00178EPSS
CVE
CVEadded 2021/10/06 6:15 p.m.35 views

CVE-2021-25474

Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.

4.9CVSS4.8AI score0.00049EPSS
CVE
CVEadded 2021/10/06 6:15 p.m.35 views

CVE-2021-25491

A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.

4.4CVSS4.9AI score0.00017EPSS
CVE
CVEadded 2022/01/04 4:15 p.m.35 views

CVE-2022-20019

In libMtkOmxGsmDec, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917620; Issue ID: ALPS05917620.

5.5CVSS5.1AI score0.00017EPSS
Total number of security vulnerabilities7579