Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleAndroid

7550 matches found

CVE
CVEadded 2021/10/06 6:15 p.m.31 views

CVE-2021-25481

An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory.

6.7CVSS6.3AI score0.00016EPSS
CVE
CVEadded 2021/10/06 6:15 p.m.31 views

CVE-2021-25483

Lack of boundary checking of a buffer in livfivextractor library prior to SMR Oct-2021 Release 1 allows OOB read.

6.5CVSS6.5AI score0.00062EPSS
CVE
CVEadded 2021/11/05 3:15 a.m.31 views

CVE-2021-25503

Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution.

6.7CVSS6.9AI score0.00018EPSS
CVE
CVEadded 2021/12/08 3:15 p.m.31 views

CVE-2021-25512

An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.

7.8CVSS7.5AI score0.00016EPSS
CVE
CVEadded 2021/12/15 7:15 p.m.31 views

CVE-2021-39651

In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN confirmation due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVers...

7.8CVSS7.6AI score0.00014EPSS
CVE
CVEadded 2023/05/09 2:15 a.m.31 views

CVE-2022-47340

In h265 codec firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges.

5.5CVSS5.5AI score0.00014EPSS
CVE
CVEadded 2023/03/10 9:15 p.m.31 views

CVE-2022-47478

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

5.5CVSS5.2AI score0.00011EPSS
CVE
CVEadded 2023/05/09 2:15 a.m.31 views

CVE-2022-47499

In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

4.4CVSS4.7AI score0.0001EPSS
CVE
CVEadded 2023/06/06 6:15 a.m.31 views

CVE-2022-48446

In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

5.5CVSS5.4AI score0.00023EPSS
CVE
CVEadded 2023/07/04 2:15 a.m.31 views

CVE-2023-20690

In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735.

7.5CVSS7.4AI score0.01096EPSS
CVE
CVEadded 2023/05/15 10:15 p.m.31 views

CVE-2023-20720

In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629586; Issue ID: ALPS07629586.

6.7CVSS6.6AI score0.0002EPSS
CVE
CVEadded 2023/06/06 1:15 p.m.31 views

CVE-2023-20724

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843841.

6.7CVSS6.6AI score0.00014EPSS
CVE
CVEadded 2023/06/06 1:15 p.m.31 views

CVE-2023-20749

In swpm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780926.

6.7CVSS6.7AI score0.0002EPSS
CVE
CVEadded 2023/08/07 4:15 a.m.31 views

CVE-2023-20795

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07864900; Issue ID: ALPS07864900.

6.7CVSS6.7AI score0.0002EPSS
CVE
CVEadded 2023/09/04 3:15 a.m.31 views

CVE-2023-20851

In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08048635; Issue ID: ALPS08048635.

6.3CVSS6.3AI score0.00014EPSS
CVE
CVEadded 2023/01/26 9:18 p.m.31 views

CVE-2023-20923

In exported content providers of ShannonRcs, there is a possible way to get access to protected content providers due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...

5.5CVSS5.1AI score0.00009EPSS
CVE
CVEadded 2023/06/28 6:15 p.m.31 views

CVE-2023-21170

In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13An...

4.4CVSS4.2AI score0.00028EPSS
CVE
CVEadded 2023/06/28 6:15 p.m.31 views

CVE-2023-21184

In getCurrentPrivilegedPackagesForAllUsers of CarrierPrivilegesTracker.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produ...

7.8CVSS7.7AI score0.00007EPSS
CVE
CVEadded 2023/06/28 6:15 p.m.31 views

CVE-2023-21185

In multiple functions of WifiNetworkFactory.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

7.8CVSS7.7AI score0.00022EPSS
CVE
CVEadded 2023/06/28 6:15 p.m.31 views

CVE-2023-21211

In multiple files, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262235998

5.5CVSS5.2AI score0.00029EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.31 views

CVE-2023-21299

In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...

5.5CVSS5.6AI score0.00015EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.31 views

CVE-2023-21303

In Content, here is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

5.5CVSS5.6AI score0.00017EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.31 views

CVE-2023-21318

In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

5.5CVSS5.6AI score0.00015EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.31 views

CVE-2023-21327

In Permission Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploita...

5.5CVSS5.1AI score0.00026EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.31 views

CVE-2023-21339

In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

7.5CVSS7.4AI score0.02032EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.31 views

CVE-2023-21340

In Telecomm, there is a possible way to get the call state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

5.5CVSS5.7AI score0.00017EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.31 views

CVE-2023-21344

In Job Scheduler, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

5.5CVSS5.6AI score0.00031EPSS
CVE
CVEadded 2023/07/13 12:15 a.m.31 views

CVE-2023-21399

there is a possible way to bypass cryptographic assurances due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS7.7AI score0.00003EPSS
CVE
CVEadded 2023/07/12 9:15 a.m.31 views

CVE-2023-30924

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

5.5CVSS5.2AI score0.00021EPSS
CVE
CVEadded 2023/07/12 9:15 a.m.31 views

CVE-2023-30929

In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

7.8CVSS7.7AI score0.00026EPSS
CVE
CVEadded 2023/12/04 4:15 a.m.31 views

CVE-2023-32852

In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07670971; Issue ID: ALPS07670971.

4.4CVSS4.3AI score0.00025EPSS
CVE
CVEadded 2023/12/04 4:15 a.m.31 views

CVE-2023-32857

In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993710.

4.4CVSS4.2AI score0.00041EPSS
CVE
CVEadded 2023/12/04 4:15 a.m.31 views

CVE-2023-32858

In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008.

4.4CVSS4.3AI score0.00025EPSS
CVE
CVEadded 2023/12/04 4:15 a.m.31 views

CVE-2023-32862

In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388762; Issue ID: ALPS07388762.

6.7CVSS6.6AI score0.00035EPSS
CVE
CVEadded 2023/12/04 4:15 a.m.31 views

CVE-2023-32869

In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363689.

6.7CVSS6.7AI score0.00033EPSS
CVE
CVEadded 2023/08/07 2:15 a.m.31 views

CVE-2023-33912

In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

5.5CVSS5.2AI score0.00011EPSS
CVE
CVEadded 2023/09/04 2:15 a.m.31 views

CVE-2023-38436

In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

5.5CVSS5.2AI score0.00016EPSS
CVE
CVEadded 2023/09/04 2:15 a.m.31 views

CVE-2023-38467

In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

4.4CVSS4.8AI score0.00007EPSS
CVE
CVEadded 2023/10/08 4:15 a.m.31 views

CVE-2023-40632

In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed

7.5CVSS7.3AI score0.00498EPSS
CVE
CVEadded 2023/10/08 4:15 a.m.31 views

CVE-2023-40646

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

5.5CVSS5.2AI score0.00011EPSS
CVE
CVEadded 2024/01/18 3:15 a.m.31 views

CVE-2023-48353

In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed

4.4CVSS4.8AI score0.0001EPSS
CVE
CVEadded 2024/01/18 3:15 a.m.31 views

CVE-2023-48359

In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed

4.4CVSS4.8AI score0.00008EPSS
CVE
CVEadded 2024/02/05 6:15 a.m.31 views

CVE-2024-20012

In keyInstall, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08358566; Issue ID: ALPS08358566.

6.7CVSS6.6AI score0.00017EPSS
CVE
CVEadded 2024/02/05 6:15 a.m.31 views

CVE-2024-20013

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08471742; Issue ID: ALPS08308608.

6.7CVSS6.7AI score0.00033EPSS
CVE
CVEadded 2024/11/04 2:15 a.m.31 views

CVE-2024-20121

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574.

6.7CVSS7.2AI score0.0001EPSS
CVE
CVEadded 2016/07/11 1:59 a.m.30 views

CVE-2014-9800

Integer overflow in lib/heap/heap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28822150 and Qualcomm internal bug CR692478.

9.3CVSS7.6AI score0.00145EPSS
CVE
CVEadded 2017/08/18 6:29 p.m.30 views

CVE-2015-0574

In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient.

10CVSS8.8AI score0.00252EPSS
CVE
CVEadded 2017/08/18 6:29 p.m.30 views

CVE-2015-9049

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of certain responses from the USIM.

10CVSS7.8AI score0.00152EPSS
CVE
CVEadded 2016/04/18 12:59 a.m.30 views

CVE-2016-0850

The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to bypass intended pairing restrictions via a crafted device, aka internal bug 26551752.

8.8CVSS7.5AI score0.00085EPSS
CVE
CVEadded 2018/04/04 6:29 p.m.30 views

CVE-2016-10231

An elevation of privilege vulnerability in the Qualcomm sound codec driver. Product: Android. Versions: Android kernel. Android ID: A-33966912. References: QC-CR#1096799.

9.3CVSS8AI score0.00065EPSS
Total number of security vulnerabilities7550