Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleAndroid

7772 matches found

CVE
CVEadded 2020/03/24 8:15 p.m.34 views

CVE-2019-20591

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Gear VR Service Content Provider. The Samsung ID is SVE-2019-14058 (July 2019).

7.8CVSS8AI score0.00037EPSS
CVE
CVEadded 2020/03/24 8:15 p.m.34 views

CVE-2019-20616

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. Gallery leaks a thumbnail of Private Mode content. The Samsung ID is SVE-2018-13563 (March 2019).

5.3CVSS5.4AI score0.00091EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-2071

In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117216549

8.8CVSS9AI score0.00409EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-2074

In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116617847

8.8CVSS9AI score0.00409EPSS
CVE
CVEadded 2020/03/15 10:15 p.m.34 views

CVE-2019-2088

In StatsService, there is a possible out of bounds read. This could lead to local information disclosure if UBSAN were not enabled, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-143895055

5.5CVSS5.8AI score0.00017EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-2143

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114746174

6.5CVSS6.4AI score0.00125EPSS
CVE
CVEadded 2020/03/15 10:15 p.m.34 views

CVE-2019-2216

In overlay notifications, there is a possible hidden notification due to improper input validation. This could lead to a local escalation of privilege because the user is not notified of an overlaying app, with User execution privileges needed. User interaction is needed for exploitation.Product: A...

7.3CVSS7.6AI score0.00015EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-9238

In the NFC stack, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-121267042

6.9CVSS7.1AI score0.00012EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-9266

In sensorservice, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-119501435

7.2CVSS7.2AI score0.00012EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-9313

In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112005441

6.5CVSS6.5AI score0.00244EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-9331

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112272279

7.5CVSS7.2AI score0.00312EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-9333

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109753657

6.5CVSS6.4AI score0.00244EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-9409

In libhevc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112272091

6.5CVSS6.5AI score0.00244EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-9411

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204845

6.5CVSS6.5AI score0.00244EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.34 views

CVE-2019-9419

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111407544

7.5CVSS7.2AI score0.00312EPSS
CVE
CVEadded 2020/03/10 8:15 p.m.34 views

CVE-2020-0044

In set_nonce of fpc_ta_qc_auth.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-1376...

4.4CVSS4.3AI score0.00043EPSS
CVE
CVEadded 2020/05/14 9:15 p.m.34 views

CVE-2020-0092

In setHideSensitive of NotificationStackScrollLayout.java, there is a possible disclosure of sensitive notification content due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Produc...

5CVSS4.7AI score0.00013EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.34 views

CVE-2020-0130

In screencap, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege in a system process with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1232303...

7.8CVSS8.4AI score0.00125EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.34 views

CVE-2020-0133

In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10And...

7.3CVSS7.6AI score0.00006EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.34 views

CVE-2020-0153

In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Androi...

6.7CVSS7.2AI score0.00016EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.34 views

CVE-2020-0154

In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVers...

4.4CVSS4.9AI score0.00018EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.34 views

CVE-2020-0159

In rw_mfc_writeBlock of rw_mfc.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-14076803...

5.5CVSS5.7AI score0.00062EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.34 views

CVE-2020-0169

In RTTTL_Event of eas_rtttl.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123700383

6.5CVSS6.8AI score0.00345EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.34 views

CVE-2020-0170

In IMY_Event of eas_imelody.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127310810

6.5CVSS6.8AI score0.00345EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.34 views

CVE-2020-0180

In GetOpusHeaderBuffers() of OpusHeader.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android...

6.5CVSS6.5AI score0.00244EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.34 views

CVE-2020-0199

In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Androi...

4.1CVSS4.8AI score0.00016EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.34 views

CVE-2020-0207

In next_marker of jdmarker.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-13553...

6.5CVSS6.6AI score0.00244EPSS
CVE
CVEadded 2020/06/16 2:15 p.m.34 views

CVE-2020-0232

Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds it to the session object then continues to work with it. A concurrent thread could retrieve created transfer object from the session object and delete it using abc_pcie_dma_user_xfer_clean. If this happens, abc_pcie_start_dma_xfe...

9.8CVSS8.9AI score0.00147EPSS
CVE
CVEadded 2021/01/26 6:15 p.m.34 views

CVE-2020-0236

In A2DP_GetCodecType of a2dp_codec_config, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android, Versions: Android-1...

7.5CVSS7.2AI score0.00312EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.34 views

CVE-2020-0275

In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass. This could lead to local escalation of privilege, with no additional execution privileges needed. User interaction is not needed for exploitation....

7.8CVSS8.1AI score0.0001EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.34 views

CVE-2020-0277

In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device's data plan with no additional execution privileges needed. User interaction is not needed for exp...

7.8CVSS8.1AI score0.00012EPSS
CVE
CVEadded 2020/09/18 4:15 p.m.34 views

CVE-2020-0300

In NFC, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148736216

7.5CVSS7.3AI score0.00312EPSS
CVE
CVEadded 2020/09/18 3:15 p.m.34 views

CVE-2020-0318

In the System UI, there is a possible system crash due to an uncaught exception. This could lead to local permanent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-33646131

5.5CVSS6AI score0.00017EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.34 views

CVE-2020-0328

In the camera, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150156131

4.4CVSS5AI score0.00016EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.34 views

CVE-2020-0340

In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144901522

6.5CVSS6.6AI score0.00244EPSS
CVE
CVEadded 2020/09/18 4:15 p.m.34 views

CVE-2020-0348

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-139188582

4.9CVSS5.5AI score0.00263EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.34 views

CVE-2020-0359

In GLESRenderEngine, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150303018

5.5CVSS5.9AI score0.00017EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.34 views

CVE-2020-0361

In libDRCdec, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151927433

6.5CVSS6.6AI score0.00244EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.34 views

CVE-2020-0495

In decode_Huffman of JBig2_SddProc.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...

5.5CVSS5.8AI score0.00017EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.34 views

CVE-2020-10829

An issue was discovered on Samsung mobile devices with O(8.0), P(9.0), and Q(10.0) (Broadcom chipsets) software. A kernel driver heap overflow leads to arbitrary code execution. The Samsung ID is SVE-2019-15880 (March 2020).

7.8CVSS8AI score0.00018EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.34 views

CVE-2020-10832

An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. Kernel Wi-Fi drivers allow out-of-bounds Read or Write operations (e.g., a buffer overflow). The Samsung IDs are SVE-2019-16125, SVE-2019-16134, SVE-2019-16158, SVE-2019-16159, SVE-2019-16319, SVE-2019-16320, ...

7.8CVSS7.8AI score0.00017EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.34 views

CVE-2020-10847

An issue was discovered on Samsung mobile devices with P(9.0) (Galaxy S8 and Note8) software. Facial recognition can be spoofed. The Samsung ID is SVE-2019-16614 (February 2020).

6.8CVSS6.7AI score0.00017EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.34 views

CVE-2020-10854

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 (January 2020).

7.5CVSS7.5AI score0.00123EPSS
CVE
CVEadded 2020/04/08 4:15 p.m.34 views

CVE-2020-11603

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (incorporating TEEGRIS) software. Type confusion in the MLDAP Trustlet allows arbitrary code execution. The Samsung ID is SVE-2020-16599 (April 2020).

9.8CVSS9.6AI score0.00222EPSS
CVE
CVEadded 2020/04/08 4:15 p.m.34 views

CVE-2020-11606

An issue was discovered on Samsung mobile devices with Q(10.0) software. Information about application preview (in the Secure Folder) leaks on a locked device. The Samsung ID is SVE-2019-16463 (April 2020).

2.4CVSS4.2AI score0.00007EPSS
CVE
CVEadded 2020/07/07 2:15 p.m.34 views

CVE-2020-15584

An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can trigger an out-of-bounds access and device reset via a 4K wallpaper image because ImageProcessHelper mishandles boundary checks. The Samsung ID is SVE-2020-18056 (July 2020).

7.1CVSS5.5AI score0.00053EPSS
CVE
CVEadded 2020/08/31 9:15 p.m.34 views

CVE-2020-25053

An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. RKP allows arbitrary code execution. The Samsung ID is SVE-2020-17435 (August 2020).

9.8CVSS9.7AI score0.00187EPSS
CVE
CVEadded 2020/09/11 10:15 p.m.34 views

CVE-2020-25280

An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos and MediaTek chipsets) software. Unauthenticated attackers can execute LTE/5G commands by sending a debugging command over USB. The Samsung ID is SVE-2020-16979 (September 2020).

6.8CVSS7AI score0.00042EPSS
CVE
CVEadded 2020/12/15 5:15 p.m.34 views

CVE-2020-27046

In nfc_ncif_proc_ee_action of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A...

4.4CVSS4.9AI score0.00018EPSS
CVE
CVEadded 2020/12/15 5:15 p.m.34 views

CVE-2020-27051

In NFA_RwI93WriteMultipleBlocks of nfa_rw_api.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Andr...

7.8CVSS8.2AI score0.00056EPSS
Total number of security vulnerabilities7772