Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleAndroid

7579 matches found

CVE
CVEadded 2020/07/17 8:15 p.m.29 views

CVE-2020-0120

In notifyErrorForPendingRequests of QCamera3HWI.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andr...

7.8CVSS8.3AI score0.00016EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.29 views

CVE-2020-0137

In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: A...

7.8CVSS8.2AI score0.00012EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.29 views

CVE-2020-0144

In btm_proc_sp_req_evt of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio...

4.4CVSS4.9AI score0.00018EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.29 views

CVE-2020-0172

In Parse_art of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127312550

6.5CVSS6.8AI score0.00345EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.29 views

CVE-2020-0185

In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10And...

5.5CVSS5.7AI score0.00017EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.29 views

CVE-2020-0186

In hal_fd_init of hal_fd.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-14614446...

6.7CVSS7.2AI score0.00016EPSS
CVE
CVEadded 2020/09/18 4:15 p.m.29 views

CVE-2020-0282

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction are needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144506224

4.5CVSS5.3AI score0.00205EPSS
CVE
CVEadded 2020/09/18 4:15 p.m.29 views

CVE-2020-0316

In Telephony, there is a missing permission check. This could lead to local information disclosure of radio data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934919

5.5CVSS5.7AI score0.00015EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.29 views

CVE-2020-0329

In the OMX encoder, there is a possible out of bounds read due to invalid input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-63522940

5.5CVSS5.7AI score0.00017EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.29 views

CVE-2020-0332

In libstagefright, there is a possible dead loop due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124783982

6.5CVSS6.8AI score0.00294EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.29 views

CVE-2020-0370

In libAACdec, there is a possible out of bounds read due to missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-112051700

6.5CVSS6.5AI score0.00244EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.29 views

CVE-2020-0406

In libmpeg2dec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if another exploit allowed this to be triggered with different parameters, with no additional execution privileges needed. User interaction is needed for exploitat...

7.8CVSS8.2AI score0.00056EPSS
CVE
CVEadded 2020/09/17 7:15 p.m.29 views

CVE-2020-0434

In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-...

7.8CVSS8.3AI score0.00015EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-0488

In ihevc_inter_pred_chroma_copy_ssse3 of ihevc_inter_pred_filters_ssse3_intr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

6.5CVSS6.6AI score0.00244EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.29 views

CVE-2020-10834

An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can view notifications on the lock screen via Routines. The Samsung ID is SVE-2019-15074 (February 2020).

5.3CVSS5.4AI score0.00091EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.29 views

CVE-2020-10842

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (S.LSI chipsets) software. There is a heap out-of-bounds write in the tsmux driver. The Samsung ID is SVE-2019-16295 (February 2020).

7.8CVSS7.7AI score0.00016EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.29 views

CVE-2020-10851

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. There is a stack overflow in the kperfmon driver. The Samsung ID is SVE-2019-15876 (January 2020).

7.8CVSS7.8AI score0.00017EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.29 views

CVE-2020-10853

An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery leaks cached data. The Samsung IDs are SVE-2019-16010, SVE-2019-16011, SVE-2019-16012 (January 2020).

5.3CVSS5.4AI score0.00091EPSS
CVE
CVEadded 2020/07/07 2:15 p.m.29 views

CVE-2020-15578

An issue was discovered on Samsung mobile devices with O(8.x) software. FactoryCamera does not properly restrict runtime permissions. The Samsung ID is SVE-2020-17270 (July 2020).

5.5CVSS5.6AI score0.00013EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-27035

In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...

5.5CVSS5.8AI score0.00015EPSS
CVE
CVEadded 2020/12/15 5:15 p.m.29 views

CVE-2020-27039

In postNotification of ServiceRecord.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1...

5.5CVSS5.8AI score0.00017EPSS
CVE
CVEadded 2020/12/15 5:15 p.m.29 views

CVE-2020-27053

In broadcastWifiCredentialChanged of ClientModeImpl.java, there is a possible location permission bypass due to a missing permission check. This could lead to local information disclosure of the WiFi network name with System execution privileges needed. User interaction is not needed for exploitati...

4.4CVSS5AI score0.00015EPSS
CVE
CVEadded 2021/03/10 4:15 p.m.29 views

CVE-2021-0369

In CrossProfileAppsServiceImpl.java, there is the possibility of an application's INTERACT_ACROSS_PROFILES grant state not displaying properly in the setting UI due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User in...

7.8CVSS7.6AI score0.00016EPSS
CVE
CVEadded 2021/03/10 4:15 p.m.29 views

CVE-2021-0371

In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android I...

6.7CVSS6.6AI score0.00015EPSS
CVE
CVEadded 2021/08/18 3:15 p.m.29 views

CVE-2021-0407

In clk driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05479659; Issue ID: ALPS05479659.

6.7CVSS6.7AI score0.00019EPSS
CVE
CVEadded 2021/09/27 12:15 p.m.29 views

CVE-2021-0425

In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05400059.

5.5CVSS4.9AI score0.00034EPSS
CVE
CVEadded 2021/03/10 5:15 p.m.29 views

CVE-2021-0455

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175116...

7.2CVSS6.7AI score0.00014EPSS
CVE
CVEadded 2021/03/10 5:15 p.m.29 views

CVE-2021-0465

In GenerateFaceMask of face.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ...

7.8CVSS7.7AI score0.00015EPSS
CVE
CVEadded 2021/09/27 12:15 p.m.29 views

CVE-2021-0612

In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.

7.8CVSS7.8AI score0.00017EPSS
CVE
CVEadded 2021/11/18 3:15 p.m.29 views

CVE-2021-0621

In asf extractor, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05489178; Issue ID: ALPS05561383.

5.5CVSS5AI score0.00017EPSS
CVE
CVEadded 2021/10/25 2:15 p.m.29 views

CVE-2021-0634

In display driver, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594994; Issue ID: ALPS05594994.

7.2CVSS6.8AI score0.00013EPSS
CVE
CVEadded 2021/09/27 12:15 p.m.29 views

CVE-2021-0660

In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827145; Issue ID: ALPS05827145.

4.9CVSS4.8AI score0.00273EPSS
CVE
CVEadded 2021/12/15 7:15 p.m.29 views

CVE-2021-1038

In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-1...

5.5CVSS5.3AI score0.0005EPSS
CVE
CVEadded 2021/06/11 3:15 p.m.29 views

CVE-2021-25383

An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

9.8CVSS9.6AI score0.00187EPSS
CVE
CVEadded 2021/06/11 3:15 p.m.29 views

CVE-2021-25407

A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write.

7.8CVSS7.6AI score0.00019EPSS
CVE
CVEadded 2021/06/11 3:15 p.m.29 views

CVE-2021-25412

An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications.

7.8CVSS7.6AI score0.00011EPSS
CVE
CVEadded 2021/10/06 6:15 p.m.29 views

CVE-2021-25475

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.

7.2CVSS6.9AI score0.00016EPSS
CVE
CVEadded 2021/10/06 6:15 p.m.29 views

CVE-2021-25484

Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.

4CVSS4.2AI score0.00019EPSS
CVE
CVEadded 2022/12/06 7:15 a.m.29 views

CVE-2022-39090

In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

7.8CVSS7.5AI score0.00035EPSS
CVE
CVEadded 2022/10/14 7:15 p.m.29 views

CVE-2022-39113

In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.

5.5CVSS5.4AI score0.00071EPSS
CVE
CVEadded 2023/05/09 2:15 a.m.29 views

CVE-2022-47494

In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

4.4CVSS4.7AI score0.0001EPSS
CVE
CVEadded 2023/03/07 9:15 p.m.29 views

CVE-2023-20641

In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629574; Issue ID: ALPS07629574.

6.7CVSS6.7AI score0.0002EPSS
CVE
CVEadded 2023/04/06 6:15 p.m.29 views

CVE-2023-20677

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588436.

4.4CVSS4.2AI score0.00018EPSS
CVE
CVEadded 2023/05/15 10:15 p.m.29 views

CVE-2023-20700

In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304.

6.7CVSS6.7AI score0.00012EPSS
CVE
CVEadded 2023/07/04 2:15 a.m.29 views

CVE-2023-20757

In cmdq, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636133.

6.7CVSS6.7AI score0.00011EPSS
CVE
CVEadded 2023/07/04 2:15 a.m.29 views

CVE-2023-20759

In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07634601.

4.4CVSS4.8AI score0.0001EPSS
CVE
CVEadded 2023/07/04 2:15 a.m.29 views

CVE-2023-20771

In display, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07671046; Issue ID: ALPS07671046.

6.4CVSS6.7AI score0.00016EPSS
CVE
CVEadded 2023/08/07 4:15 a.m.29 views

CVE-2023-20784

In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989.

6.7CVSS6.7AI score0.00011EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.29 views

CVE-2023-21311

In Settings, there is a possible way to control private DNS settings from a secondary user due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

5.5CVSS5.2AI score0.00004EPSS
CVE
CVEadded 2023/07/12 9:15 a.m.29 views

CVE-2023-30919

In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

5.5CVSS5.2AI score0.00021EPSS
Total number of security vulnerabilities7579