Lucene search
K
GoogleAndroid

8153 matches found

CVE
CVE
added 2018/12/20 3:0 p.m.43 views

CVE-2018-11983

CVE-2018-11983 affects Android releases (Android for MSM, Firefox OS for MSM, QRD Android) built on CAF’s Linux kernel. The vulnerability is a kernel memory-management error where code accesses freed mask pointers after reallocating memory for a mask table, constituting a fault in the kernel’s ha...

7.8CVSS7.3AI score0.00143EPSS
CVE
CVE
added 2018/08/17 8:0 p.m.43 views

CVE-2018-14981

CVE-2018-14981 affects LG devices running Android 6.0–8.1, where the SystemUI application’s intents grant incorrect access control. The root cause is an access-control fault in SystemUI intents, enabling bypass of security restrictions; exploitation status is not detailed in the provided document...

9.8CVSS9.3AI score0.00565EPSS
CVE
CVE
added 2020/04/08 5:42 p.m.43 views

CVE-2018-21059

The CVE-2018-21059 entry describes an information-disclosure issue on Samsung mobile devices running Android N (7.x) and O (8.x). Clipboard content is visible in the locked state via the emergency contact picker, exposing potentially sensitive data. Samsung’s internal identifier SVE-2018-11806 is...

7.5CVSS7.6AI score0.00413EPSS
CVE
CVE
added 2020/04/08 5:39 p.m.43 views

CVE-2018-21060

Technical details about CVE-2018-21060 are not publicly provided in the supplied documents. Monitor for updates. The records reiterate a Samsung keyboard-leak issue but do not specify affected components, versions, or fixes.

7.5CVSS7.5AI score0.00413EPSS
CVE
CVE
added 2020/04/08 5:31 p.m.43 views

CVE-2018-21061

CVE-2018-21061 affects Samsung mobile devices running N(7.1) and O(8.x). The issue allows a counterfeit/“fake” charger to execute critical functions while the device is locked, enabling partial confidentiality, integrity, and availability impacts as indicated in CVSS vectors. The problem is descr...

6.8CVSS6.8AI score0.00135EPSS
CVE
CVE
added 2018/03/16 10:0 p.m.43 views

CVE-2018-3561

CVE-2018-3561 is a Qualcomm Diagchar-related issue affecting Android on MSM devices. The root cause is a race condition in diag_ioctl_lsm_deinit() that leads to a Use-After-Free condition. The vulnerability is characterized as Elevation of Privilege (EoP) with local access requirements and high i...

7CVSS6.6AI score0.001EPSS
CVE
CVE
added 2018/09/19 2:0 p.m.43 views

CVE-2018-3574

CVE-2018-3574 describes a vulnerability in CAF Android kernel userspace cache maintenance for ION buffers where the ION_FLAG_SECURE flag is not set, causing the kernel to perform cache maintenance on memory that does not belong to HLOS. The provided sources (NVD entry and Debian/Ubuntu security t...

5.5CVSS5.3AI score0.00273EPSS
CVE
CVE
added 2018/06/06 9:0 p.m.43 views

CVE-2018-3578

CVE-2018-3578 is a heap overflow in the Qualcomm WLAN component caused by a type mismatch for ie_len, leading Android CAF/Linux kernel builds to allocate insufficient heap memory. The issue is described as a local vulnerability with HIGH impact (CVSS3: LOCAL, LOW complexity, NO privileges, USER i...

9.3CVSS5.6AI score0.00455EPSS
CVE
CVE
added 2018/07/06 7:0 p.m.43 views

CVE-2018-3587

CVE-2018-3587 is tied to the Qualcomm qcacld-2.0 WLAN driver in Android CAF builds, where a Use-After-Free in a firmware memory dump feature can lead to Elevation of Privilege (EoP). The NVD listing shows a CVSS v3 base score of 7.8 (HIGH) with LOCAL attack vector, low complexity, and privileges ...

7.8CVSS7.1AI score0.00187EPSS
CVE
CVE
added 2018/04/03 5:0 p.m.43 views

CVE-2018-3599

CVE-2018-3599 is a Use-After-Free in Qualcomm Core Services affecting Qualcomm Android for MSM/CAF-based Android builds (Linux kernel pre-2018-04-05 patch). The issue occurs when notifying a DCI client, enabling EoP with high/critical impact per the Android Pixel bulletin. Mitigation is to apply ...

9.8CVSS8.6AI score0.00476EPSS
CVE
CVE
added 2018/06/15 8:0 p.m.43 views

CVE-2018-5863

CVE-2018-5863 is a buffer overflow in WLAN HOST caused by an overly large WPA RSN IE length processed by wlan_hdd_cfg80211_set_ie(). Affected are Android releases (Android for MSM, Firefox OS for MSM, QRD Android) provided by CAF on the Linux kernel. The description confirms a memory corruption v...

7.8CVSS7.5AI score0.00151EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.43 views

CVE-2018-5893

CVE-2018-5893 is a buffer overwrite in the Qualcomm WLAN driver (htt_t2h_msg_handler_fast()) within Android CAF/Linux kernel for MSM devices. Root cause: buffer overwrite during firmware message processing. Affected: Qualcomm WLAN component in Android on CAF Android for MSM, Firefox OS for MSM, Q...

7.8CVSS7.4AI score0.00184EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.43 views

CVE-2018-5896

CVE-2018-5896 affects Android CAF builds using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) prior to the 2018-06-05 security patch level. The issue is a kernel panic caused by an out-of-bounds read from not checking the source buffer length against the packet stream length ...

7.1CVSS6.9AI score0.00164EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.43 views

CVE-2018-9448

CVE-2018-9448 affects Android 8.0 and 8.1, with a vulnerability in avct_bcb_msg_ind (avct_bcb_act.cc) caused by a missing bounds check that could enable remote information disclosure without user interaction or additional privileges. The issue is categorized as an information-disclosure risk (no ...

7.8CVSS6.3AI score0.01654EPSS
CVE
CVE
added 2018/11/06 5:0 p.m.43 views

CVE-2018-9453

CVE-2018-9453 describes a local information-disclosure vulnerability in Android where, in avdt_msg_prs_cfg of avdt_msg.cc, a missing bounds check allows an out-of-bounds read. Affects Android versions 6.0–8.1 (including 6.0.0/6.0.1, 7.0, 7.1.x, 8.0, 8.1). The underlying issue is a missing bounds ...

5.5CVSS5.3AI score0.0019EPSS
CVE
CVE
added 2018/11/14 6:0 p.m.43 views

CVE-2018-9529

CVE-2018-9529 affects Android 9 and is triggered by an out-of-bounds write in ixheaacd_individual_ch_stream within ixheaacd_channel.c caused by a missing bounds check. The issue could allow remote code execution with no privileges, with user interaction required for exploitation. No exploitation ...

8.8CVSS9AI score0.00727EPSS
CVE
CVE
added 2018/11/14 6:0 p.m.43 views

CVE-2018-9530

CVE-2018-9530 affects Android 9, where in file ixheaacd_aac_tns.c (function ixheaacd_tns_ar_filter_dec) there is a missing bounds check causing a possible out-of-bounds write. This could enable remote code execution with no extra privileges and requires user interaction to exploit. The Android se...

8.8CVSS9AI score0.00727EPSS
CVE
CVE
added 2018/11/14 6:0 p.m.43 views

CVE-2018-9535

CVE-2018-9535 is a vulnerability in Android 9 where ixheaacd_reset_acelp_data_fix in ixheaacd_lpc.c can write out of bounds due to a missing bounds check, enabling remote code execution with network attack vector and user interaction required. The issue is documented in NVD for Android 9 and echo...

8.8CVSS9AI score0.00727EPSS
CVE
CVE
added 2018/11/14 6:0 p.m.43 views

CVE-2018-9540

The CVE-2018-9540 issue affects Android’s Bluetooth stack. In avrc_ctrl_pars_vendor_rsp (avrc_pars_ct.c) a missing bounds check allows an out-of-bounds read, enabling remote information disclosure over Bluetooth without user interaction or added privileges. Affected: Android 7.0–9 (Android-7.0, 7...

7.5CVSS7.2AI score0.01109EPSS
CVE
CVE
added 2018/12/06 2:0 p.m.43 views

CVE-2018-9553

CVE-2018-9553 : In MasteringMetadata::Parse of mkvparser.cc, a double-free can occur due to an insecure default value, enabling remote code execution. Affected: Android devices/versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9. Exploitation requires user interaction (local attack). Evidence ties this CVE ...

9.3CVSS7.9AI score0.01089EPSS
CVE
CVE
added 2018/12/07 11:0 p.m.43 views

CVE-2018-9572

CVE-2018-9572 affects Android 9 in the impd_drc_parse_coeff function of impd_drc_static_payload.c, where a missing bounds check can cause an out-of-bounds write leading to remote code execution with no privileges and requiring user interaction for exploitation. The issue is documented in multiple...

9.3CVSS9AI score0.01133EPSS
CVE
CVE
added 2018/12/07 11:0 p.m.43 views

CVE-2018-9575

CVE-2018-9575 affects Android 9, with a vulnerability in impd_parse_dwnmix_instructions in impd_drc_static_payload.c. The root cause is a missing bounds check, causing an out-of-bounds write that could enable remote code execution. Exploitation is described as requiring user interaction, and the ...

9.3CVSS8.5AI score0.00863EPSS
CVE
CVE
added 2019/04/19 7:43 p.m.43 views

CVE-2019-2040

CVE-2019-2040 affects Android 9 (rw_i93_process_ext_sys_info in rw_i93.cc). It is caused by a missing bounds check, leading to a possible out-of-bounds read and local information disclosure; exploitation requires user interaction. The Android Security Bulletin assigns this vulnerability to the Sy...

5CVSS4.7AI score0.00157EPSS
CVE
CVE
added 2020/03/24 5:50 p.m.43 views

CVE-2019-20539

CVE-2019-20539 affects Samsung mobile devices running N(7.x), O(8.x), and P(9.0) on Broadcom chipsets. The vulnerability is an out-of-bounds read in the Wi-Fi vendor command, leading to information leakage. Impact is described as partial confidentiality loss; no exploit details are provided in th...

5.3CVSS5.4AI score0.0034EPSS
CVE
CVE
added 2020/03/24 5:53 p.m.43 views

CVE-2019-20541

The CVE-2019-20541 entry concerns Samsung mobile devices running Android P (9.0) on Exynos chipsets, where the Wi-Fi kernel drivers are affected by a stack overflow. Affected Samsung IDs include SVE-2019-14965, 14966, 14968–14970, 14980–14984, 15122–15123 (November 2019). The issue originates in ...

7.8CVSS7.5AI score0.00136EPSS
CVE
CVE
added 2020/03/24 6:27 p.m.43 views

CVE-2019-20560

CVE-2019-20560 affects Samsung mobile devices on O(8.x) and P(9.0) with TEEGRIS. The BIOSUB Trustlet has an out-of-bounds write vulnerability. Connected sources (Red Hat, NVD/NVD list) confirm the issue description but do not provide affected product versions beyond the Samsung device/software fa...

9.8CVSS9.5AI score0.00468EPSS
CVE
CVE
added 2020/03/24 6:28 p.m.43 views

CVE-2019-20561

CVE-2019-20561 refers to a vulnerability in Samsung mobile devices with N(7.x), O(8.x), and P(9.0) Exynos chipsets where the bootloader contains an integer signedness error (Samsung ID SVE-2019-15230). Public documents across NVD and Red Hat cite the same issue; no product-specific exploit detail...

9.8CVSS9.4AI score0.00535EPSS
CVE
CVE
added 2020/03/24 6:32 p.m.43 views

CVE-2019-20565

Technical details about CVE-2019-20565 are not publicly available in the provided connected documents. Monitor for updates from vendors and security trackers.

7.5CVSS7.6AI score0.0036EPSS
CVE
CVE
added 2020/03/24 6:39 p.m.43 views

CVE-2019-20572

CVE-2019-20572 describes a buffer overflow in the load_kernel path on Samsung mobile devices with Exynos chips running O(8.1) and P(9.0). The issue is triggered by untrusted data and is documented across multiple feeds (NVD entry and Red Hat/CVE references) under the Samsung ID SVE-2019-14939. Th...

9.8CVSS9.7AI score0.0044EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-2060

CVE-2019-2060 affects the Android 10 libxaac library, with a potential out-of-bounds read due to a missing bounds check that could lead to information disclosure. Exploitation requires user interaction. Affected product/version: Android 10; Android ID A-112709994. CVSS data from NVD indicates a b...

6.5CVSS6.4AI score0.00583EPSS
CVE
CVE
added 2020/03/24 7:37 p.m.43 views

CVE-2019-20621

CVE-2019-20621 concerns a baseband heap overflow in Samsung mobile devices with Exynos baseband software (N(7.x), O(8.x), P(9.0)). Multiple feeds (Red Hat, CNVD, CVE lists, CVEs) reference the same issue; Samsung’s internal ID is SVE-2018-13187 (Feb 2019). The NVD entry cites a critical CVSS-3.1 ...

10CVSS9.4AI score0.00593EPSS
CVE
CVE
added 2020/03/24 7:38 p.m.43 views

CVE-2019-20622

CVE-2019-20622 affects Samsung mobile devices running N(7.x), O(8.x), and P(9.0) on Exynos chipsets, via a baseband stack overflow. The issue is identified with Samsung’s internal reference SVE-2018-13188 (Feb 2019). The NVD entry lists a high-severity, network-exposed vulnerability with a base s...

10CVSS9.4AI score0.00593EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-2068

CVE-2019-2068 affects Android 10 via libxaac, where an out-of-bounds write due to a missing bounds check could enable remote code execution. Exploitation requires user interaction; the CVSS data indicates network access as a potential vector (NVD) and high impact (RCE) per Android bulletin. Remed...

8.8CVSS9AI score0.00714EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-2071

CVE-2019-2071 affects Android 10 via the libxaac library. The issue is an out-of-bounds write caused by a missing bounds check in libxaac, enabling remote code execution with no required privileges and with user interaction needed to exploit. The impact is consistent with a high-severity remote c...

8.8CVSS9AI score0.00714EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-2081

Affected component: libxaac in Android 10. Root cause: out-of-bounds write due to a missing bounds check, enabling potential remote code execution. Impact: attacker could execute code remotely with no privileges; user interaction is required for exploitation. Exploitation status not detailed in t...

8.8CVSS9AI score0.00714EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-2082

CVE-2019-2082 is a vulnerability in the Android libxaac library where an out-of-bounds write arises from a missing bounds check in libxaac. The issue could enable remote code execution on Android 10 with no extra privileges, and exploitation requires user interaction. Affected component: libxaac ...

8.8CVSS9AI score0.00714EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-2143

CVE-2019-2143 affects Android 10, in the libxaac library. The issue is an out-of-bounds read caused by a missing bounds check, leading to potential information disclosure. Exploitation requires user interaction, and the description does not indicate remote execution or other privileges. Connected...

6.5CVSS6.4AI score0.00583EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-2152

CVE-2019-2152 affects libxaac in Android 10 (Android-10). The issue is an out-of-bounds read caused by a missing bounds check, which could lead to information disclosure without requiring additional execution privileges. Exploitation requires user interaction. The CVE is listed in the Android 10 ...

6.5CVSS6.4AI score0.00583EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-2153

CVE-2019-2153 affects libxaac in Android 10, where an out-of-bounds read due to a missing bounds check can disclose information. The vulnerability permits information leakage without execution rights, requiring user interaction to exploit. Documented references indicate the issue is part of the A...

6.5CVSS6.4AI score0.00583EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9238

The CVE-2019-9238 entry concerns the NFC stack in Android 10, where a missing bounds check can cause an out-of-bounds write. This leads to local elevation of privilege with System execution privileges required, and exploitation requires user interaction. The available connected documents corrobor...

6.9CVSS7.1AI score0.00187EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9241

CVE-2019-9241 affects Android 10 Bluetooth, describing an out-of-bounds read due to a missing bounds check that could enable remote information disclosure with no user interaction or privileges. CVSS indicates network-based exploitation with high confidentiality impact. Remediation is provided by...

7.5CVSS7.2AI score0.00804EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9265

CVE-2019-9265 affects Android 10 Bluetooth, where an incorrect bounds check enables an out-of-bounds read that could disclose information remotely without extra privileges or user interaction. Documented impact is information disclosure; no exploitation details are provided in the available sourc...

7.5CVSS7.2AI score0.00804EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9266

CVE-2019-9266 involves an out-of-bounds write in Android’s sensorservice due to a missing bounds check, enabling local privilege escalation with System-level privileges and no user interaction required. Affected software is Android 10; the vulnerability is an Elevation of Privilege (EoP) within t...

7.2CVSS7.2AI score0.00167EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9280

CVE-2019-9280 affects Android 10 (Framework). The issue is an elevation-of-privilege in the keyguard caused by improper permission checks, enabling a local bypass of the keyguard under limited circumstances. Exploitation requires user execution privileges, but no user interaction is required. Aff...

3.3CVSS5.2AI score0.00147EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9284

The CVE-2019-9284 entry describes a Bluetooth out-of-bounds read in Android 10 that could lead to remote information disclosure without user interaction due to a missing bounds check. Connected sources confirm the vulnerability affects Android-10 Bluetooth components and is addressed in the Andro...

7.5CVSS7.6AI score0.00526EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9300

CVE-2019-9300 describes a vulnerability in Android 10’s Media Framework (libAACdec) where an integer overflow can trigger an out-of-bounds write, enabling remote code execution. The issue affects Android 10 and is associated with Android’s libAACdec component; the root cause is an out-of-bounds w...

8.8CVSS9AI score0.00714EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9329

CVE-2019-9329 affects Android 10, where a Bluetooth out-of-bounds read can occur due to uninitialized data, enabling remote information disclosure without privileges or user interaction. The affected component is Bluetooth in Android 10 devices; root cause is an out-of-bounds read from uninitiali...

7.5CVSS7.5AI score0.00526EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9332

The CVE-2019-9332 entry concerns the Android 10 Bluetooth stack, where a missing bounds check enables an out-of-bounds read. This could allow remote information disclosure without user interaction or privileges, over a network vector (low complexity). The issue is documented in NVD and Red Hat’s ...

7.5CVSS7.2AI score0.00804EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9350

CVE-2019-9350 corresponds to an Elevation of Privilege in Android 10 Keymaster, caused by a use-after-free in a component handling crypto operations. This vulnerability could allow a local attacker to escalate privileges without additional execution privileges or user interaction, as described ac...

7.8CVSS8.1AI score0.00156EPSS
CVE
CVE
added 2019/09/27 6:5 p.m.43 views

CVE-2019-9366

CVE-2019-9366 affects the Android platform component libSBRdec on Android 10. The issue is an out-of-bounds read caused by a missing bounds check, with the potential for remote information disclosure. Exploitation requires user interaction. The provided connected documents do not specify a fixed ...

6.5CVSS6.4AI score0.00732EPSS
Total number of security vulnerabilities8153