CVE-2020-0314

In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920

CVE-2020-0403

In the FPC TrustZone fingerprint App, there is a possible invalid command handler due to an exposed test feature. This could lead to local escalation of privilege in the TEE, with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

CVE-2020-0476

In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to logs. This could lead to local information disclosure with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1620145...

CVE-2020-0481

In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, with no additional execution privileges needed. User interaction is not needed for exploitation.Produ...

CVE-2020-0484

In destroyResources of ComposerClient.h, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155769496

CVE-2020-0485

In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest account due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr...

CVE-2020-0492

In BitstreamFillCache of bitstream.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: ...

CVE-2020-10838

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. PROCA allows a use-after-free and arbitrary code execution. The Samsung ID is SVE-2019-16132 (February 2020).

CVE-2020-25281

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Applications with sensitive security settings (such as the package verifier application) mishandle unknown-source installations. The LG ID is LVE-SMP-190002 (September 2020).

CVE-2020-27023

In setErrorPlaybackState of BluetoothMediaBrowserService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: And...

CVE-2020-27024

In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure triggered by a malformed Bluetooth packet, with no additional execution privileges needed. User interaction is not needed for explo...

CVE-2020-27029

In TextView of TextView.java, there is a possible app hang due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-140218875

CVE-2020-27031

In nfc_data_event of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-15131320...

CVE-2020-27037

In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

CVE-2020-27047

In ce_t4t_update_binary of ce_t4t.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1...

CVE-2020-27052

In getLockTaskLaunchMode of ActivityRecord.java, there is a possible way for any app to start in Lock Task Mode due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr...

CVE-2021-0409

In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561359; Issue ID: ALPS05561359.

CVE-2021-0464

In sound_trigger_event_alloc of platform.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kerne...

CVE-2021-0629

In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625.

CVE-2021-25384

An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

CVE-2021-25391

Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.

CVE-2021-25413

Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to access arbitrary data with Samsung Contacts privilege.

CVE-2021-25456

OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file.

CVE-2021-25519

An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.

CVE-2022-47352

In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE-2022-47495

In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE-2022-48442

In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

CVE-2022-48463

In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE-2023-20753

In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07588667.

CVE-2023-21316

In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21323

In Activity Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati...

CVE-2023-21338

In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21345

In Game Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploi...

CVE-2023-30865

In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE-2023-30917

In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

CVE-2023-30932

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE-2023-30942

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE-2023-32859

In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473.

CVE-2023-32860

In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788.

CVE-2023-32865

In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456.

CVE-2023-33895

In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE-2023-33897

In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE-2023-33904

In hci_server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE-2023-35691

there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-42671

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-42672

In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE-2023-42690

In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE-2023-42693

In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE-2023-42739

In engineermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE-2015-9043

In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer.