CVE-2021-0464

In sound_trigger_event_alloc of platform.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kerne...

CVE-2021-0629

In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625.

CVE-2021-0769

In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Andro...

CVE-2021-0987

In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User inte...

CVE-2021-1001

In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ...

CVE-2021-1017

In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to disable bluetooth connection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio...

CVE-2021-1018

In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is no...

CVE-2021-1019

In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: ...

CVE-2021-1023

In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User intera...

CVE-2021-25384

An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

CVE-2021-25391

Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.

CVE-2021-25413

Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to access arbitrary data with Samsung Contacts privilege.

CVE-2021-25456

OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file.

CVE-2021-25519

An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.

CVE-2021-39640

In __dwc3_gadget_ep0_queue of ep0.c, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: ...

CVE-2022-47352

In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2022-47495

In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE-2022-48442

In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

CVE-2022-48463

In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE-2023-20700

In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304.

CVE-2023-20753

In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07588667.

CVE-2023-20759

In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07634601.

CVE-2023-21152

In FaceStatsAnalyzer::InterpolateWeightList of face_stats_analyzer.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

CVE-2023-21167

In setProfileName of DevicePolicyManagerService.java, there is a possible way to crash the SystemUI menu due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

CVE-2023-21202

In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVers...

CVE-2023-21316

In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21323

In Activity Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati...

CVE-2023-21338

In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-30865

In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE-2023-30917

In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

CVE-2023-30932

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE-2023-30942

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE-2023-32859

In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473.

CVE-2023-32860

In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788.

CVE-2023-32865

In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456.

CVE-2023-33895

In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE-2023-33897

In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE-2023-33904

In hci_server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE-2023-35648

In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

CVE-2023-42671

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-42672

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-42690

In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE-2023-42693

In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE-2023-42739

In engineermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE-2015-9043

In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer.

CVE-2016-11035

An issue was discovered on Samsung mobile devices with software through 2016-05-27 (Exynos AP chipsets). A local graphics user can cause a Kernel Crash via the fb0(DECON) frame buffer interface. The Samsung ID is SVE-2016-7011 (October 2016).

CVE-2016-3749

server/LockSettingsService.java in LockSettingsService in Android 6.x before 2016-07-01 allows attackers to modify the screen-lock password or pattern via a crafted application, aka internal bug 28163930.

CVE-2016-3757

The print_maps function in toolbox/lsof.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows user-assisted attackers to gain privileges via a crafted application that attempts to list a long name of a memory-mapped file, aka internal bug 28175237. ...

CVE-2016-3767

The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28169363 and MediaTek internal bug ALPS02689526.

CVE-2016-3798

The MediaTek hardware sensor driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28174490 and MediaTek internal bug ALPS02703105.