8153 matches found
CVE-2023-20773
CVE-2023-20773 affects vow with a missing permission check that enables local privilege escalation. Documented impact is local escalation without extra execution privileges; user interaction is not required. Reported affected hardware in related sources includes MediaTek chips (e.g., MT6580, MT67...
CVE-2023-20807
CVE-2023-20807 affects MediaTek’s dpe component, where a missing bounds check enables an out-of-bounds write. This is described as a local escalation of privilege with System execution privileges required, and no user interaction is needed for exploitation. The issue is associated with the dpe mo...
CVE-2023-20814
The CVE-2023-20814 issue is described as an out-of-bounds write in the MediaTek WLAN service caused by improper input validation, enabling local escalation to SYSTEM with no user interaction. Affected software is MediaTek WLAN components; root cause is a buffer/bounds check failure. Impact is loc...
CVE-2023-30863
CVE-2023-30863 concerns the Connectivity Service and cites a missing permission check as the root cause. The vulnerability enables local escalation of privilege with no additional execution privileges, matching CVSS 3.1 metrics: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base score 7.8). The connected ...
CVE-2023-30915
CVE-2023-30915 : The issue is a missing permission check in the email service , enabling possible local information disclosure without extra execution privileges. The NVD entry lists a CVSS v3.1 base score of 5.5 (MEDIUM), with LOCAL attack vector, LOW attack complexity and LOW privileges require...
CVE-2023-30916
CVE-2023-30916 concerns a missing permission check in DMService that could enable local privilege escalation with no extra privileges required. Public sources reference DMService across several Unisoc (UNISOC) chipsets, including SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T618, T612, T616...
CVE-2023-30917
CVE-2023-30917 affects DMService in Unisoc chipsets (e.g., SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T618, etc.) due to a missing permission check, enabling local privilege escalation with no additional privileges. NVD data shows CVSS v3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base...
CVE-2023-30929
CVE-2023-30929 describes a local privilege escalation in the telephony service due to a missing permission check. Connected sources link this to UNISOC chipset telephony implementations (e.g., SC98xx/SC77xx/T610 and related models) and similar Red Hat/NVD entries reiterate the local-privilege imp...
CVE-2023-32853
CVE-2023-32853 describes a possible out-of-bounds write in the rpmb module that could enable local privilege escalation with System-level privileges; no user interaction is required for exploitation. The description states a missing bounds check as the root cause. Patch ID: ALPS07648764; Issue ID...
CVE-2023-32854
CVE-2023-32854 affects MediaTek devices via the ril module, with an out-of-bounds write caused by a missing bounds check. This can enable local escalation of privileges to SYSTEM level without user interaction. Patch: ALPS08240132 (Issue ALPS08240132) is referenced as the remediation. No exploita...
CVE-2023-32870
CVE-2023-32870 affects the display drm module (MediaTek context from multiple sources). The vulnerability is caused by a missing bounds check, leading to an out-of-bounds read. Implications are local escalation of privilege with SYSTEM-level execution required; exploitation does not require user ...
CVE-2023-33890
CVE-2023-33890 concerns a missing permission check in the telephony service, enabling local information disclosure without extra privileges. Multiple sources (including UNISOC-related disclosures) consistently attribute the issue to the telephony component, with an attack vector classified as LOC...
CVE-2023-38444
CVE-2023-38444 concerns the vowifiservice component, where a missing permission check is the root cause. This enables local privilege escalation with no additional execution privileges, with an attack vector localized to the host. The connected documents confirm the issue and its impact but do no...
CVE-2023-40646
CVE-2023-40646 affects UNISOC chipsets’ Messaging component where a missing permission check could allow local information disclosure without requiring additional execution privileges. The NVD entry reports a CVSS v3.1 base score of 5.5 (Impact: Confidentiality High; Privileges Required Low; Atta...
CVE-2023-42671
The CVE-2023-42671 issue affects imsservice and stems from a missing permission check, allowing an app to write permission usage records and potentially disclose information locally. This is a local information disclosure vulnerability with no additional execution privileges required. Affected co...
CVE-2023-42690
CVE-2023-42690 concerns a missing permission check in the wifi service of UNISOC chipsets, enabling local escalation of privilege with no additional execution privileges required. The NVD entry rates this as CVSSv3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (base score 7.8, HIGH). Connected documents...
CVE-2023-42693
CVE-2023-42693 : The issue is a missing permission check in the wifi service of UNISOC chipsets, enabling local escalation of privilege with no extra execution privileges required. Connected sources confirm the affected component as the wifi service and describe the impact as local privilege elev...
CVE-2023-42716
CVE-2023-42716 involves a missing permission check in the telephony service, enabling potential remote information disclosure over the network without privileges or user interaction. Connected documents reference UNISOC chipsets and the telephony service as affected, with the core issue being ins...
CVE-2023-42741
Summary (supported by provided documents): CVE-2023-42741 concerns a telecom service vulnerability, arising from a missing permission check that enables writing an app’s permission usage records. This can cause local information disclosure without additional execution privileges. Documents consis...
CVE-2023-44129
Summary: CVE-2023-44129 affects LG-patched Android Messaging (com.android.mms) via the exported activity com.android.mms.ui.QClipIntentReceiverActivity. An attacker can trigger the activity, broadcast the action com.lge.message.action.QCLIP, and send their own data with Intent.FLAG_GRANT_*; the p...
CVE-2023-48354
CVE-2023-48354 concerns UNISOC chipsets with a weakness in the telephone service caused by improper input validation. The underlying issue allows local information disclosure without requiring additional execution privileges. The Red Hat/NVD entries describe the same problem but do not specify af...
CVE-2023-48357
CVE-2023-48357 affects the Unisoc vsp driver. The root cause is a missing bounds check that enables an out-of-bounds write, leading to local denial of service with system execution privileges required. Based on connected docs, affected component is the vsp driver; exploitation status is not detai...
CVE-2024-20113
The CVE-2024-20113 entry concerns the MediaTek chipset component “ccu,” where a missing bounds check can cause an out-of-bounds write. This leads to local privilege escalation with SYSTEM execution privileges required, and no user interaction is needed for exploitation. Multiple connected sources...
CVE-2024-34663
CVE-2024-34663 concerns an integer overflow in libSEF.quram.so present on Samsung Mobile devices prior to SMR Oct-2024 Release 1. The issue enables local attackers to perform out-of-bounds memory writes, with a local attack vector and no user interaction required. Publicly documented impact indic...
CVE-2025-32322
CVE-2025-32322 concerns a vulnerability in the Wear OS/Android platform involving onCreate in a media projection flow (MediaProjectionPermissionActivity.java). The issue arises from improper input validation that could allow a malicious app to obtain a token enabling unauthorized screen recording...
CVE-2026-0087
CVE-2026-0087 : The connected sources identify a logic error in Android’s DomainVerificationService.java (approvalLevelForDomainInternal) that could allow hijacking an arbitrary app link, enabling local privilege escalation without user interaction. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:...
CVE-2014-9891
CVE-2014-9891 affects the Qualcomm qseecom driver (drivers/misc/qseecom.c) in Android on Nexus 5 devices prior to 2016-08-05. The issue arises from not validating certain buffer addresses, allowing a local attacker to escalate privileges via a crafted application that invokes an ioctl call. Impac...
CVE-2015-9049
CVE-2015-9049 is corroborated by connected sources describing an input-validation vulnerability in Qualcomm’s closed‑source components (USIM handling) within Android CAF Linux environments. CNVD-2017-26834 outlines an unauthorized-operations flaw in the Qualcomm Android component causing remote e...
CVE-2016-10236
CVE-2016-10236 describes an information-disclosure vulnerability in the Qualcomm USB driver affecting Android devices with affected Android kernel components. The NVD entry characterizes the issue as a local information exposure in the Qualcomm USB driver, with Pixel and Pixel XL listed among aff...
CVE-2016-2440
CVE-2016-2440 affects Android’s Binder component, specifically the code path in libs/binder/IPCThreadState.cpp within Binder. The description indicates that object references are mishandled, allowing a crafted application to gain privileges (elevation of privilege) on affected Android versions. A...
CVE-2016-2490
CVE-2016-2490 is an elevation-of-privilege flaw in the NVIDIA camera driver on Android for Nexus 9, allowing a crafted app to run with kernel context privileges. The Android June 2016 bulletin indicates patches were issued for Nexus devices; specific remediation for Nexus 9 is part of that update...
CVE-2016-3745
CVE-2016-3745 describes multiple buffer overflows in Android’s Mediaserver that enable privilege escalation via a crafted application passing an AudioEffect reply, allowing access to Signature or SignatureOrSystem. The issue affects Android 4.x up to 4.4.3 and versions 5.0.x up to 5.0.1, as well ...
CVE-2016-3749
The CVE affects Android 6.x (LockSettingsService) where server/LockSettingsService.java could be manipulated by a crafted application to change the screen-lock password or pattern. The root cause is an internal bug (28163930) in LockSettingsService that allows a local attacker to bypass user inte...
CVE-2016-3757
CVE-2016-3757 affects Android: the print_maps function in toolbox/lsof.c on Android 4.x up to 4.4.4, 5.0.x up to 5.0.2, 5.1.x up to 5.1.1, and 6.x before 2016-07-01 allows a user-assisted attacker to gain privileges by a crafted app that lists a long memory-mapped file name (internal bug 28175237...
CVE-2016-3769
CVE-2016-3769 refers to an elevation-of-privilege in the NVIDIA video driver on Android, specifically affecting Nexus 9 devices running versions prior to 2016-07-05. A crafted application can elevate privileges to compromise the kernel context. The Android security bulletin for 2016-07-01 / 2016-...
CVE-2016-3804
CVE-2016-3804 describes a privilege-escalation in the MediaTek power management driver on Android One devices, prior to 2016-07-05. The root cause is a vulnerability in the MediaTek power management driver that could be exploited by a crafted app to gain higher privileges within the kernel. Affec...
CVE-2016-3816
CVE-2016-3816 : Information disclosure in the MediaTek display driver on Android One devices, prior to 2016-07-05. A crafted application can access sensitive data via Mediaserver/display driver interaction. No exploitation details are provided beyond the Android bug reference. Mitigation: apply t...
CVE-2016-3905
CVE-2016-3905 affects the Qualcomm Wi‑Fi driver (CORE/HDD/wlan_hdd_main.c) in Android, before the 2016-10-05 patch, on Nexus 5X. A crafted application sending SENDACTIONFRAME can elevate privileges locally. The issue is documented with a High impact (CVE-2016-3905) and a CVSS3 base score of 7.8, ...
CVE-2016-3908
CVE-2016-3908 — Android Lock Settings Service bypass The vulnerability affects the Lock Settings Service in Android 6.x (before 2016-10-01) and Android 7.0 (before 2016-10-01). A local attacker could clear the device PIN/password via a crafted application, thereby gaining privileges. The issue is...
CVE-2016-6696
CVE-2016-6696 affects sound/soc/msm/qdsp6v2/msm-ds2-dap-config.c in the Qualcomm QDSP6v2 driver used by Android. The issue allows denial of service (and potentially unspecified impact) when a large negative value is used for the data length, described as Qualcomm internal bug CR 1041130. Connecte...
CVE-2016-8472
CVE-2016-8472 describes an information-disclosure vulnerability in the MediaTek driver on Android. The issue could allow a local malicious application to access data outside its permission levels by exploiting the MediaTek driver after compromising a privileged process. Affected product class is ...
CVE-2017-6424
CVE-2017-6424 is an elevation of privilege in the Qualcomm Wi‑Fi driver affecting Android kernel. Connected sources confirm a local exploit path in the Qualcomm Wi‑Fi stack and list affected devices as Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Nexus Player with updates released for the 2017-04-01 pat...
CVE-2017-9708
The CVE-2017-9708 issue affects Android for MSM (and related CAF builds) in the camera driver. The race condition stems from msm_ois_power_down being invoked without a mutex, causing a race in the *reg_ptr variable within msm_camera_config_single_vreg. Impact is described as a race condition with...
CVE-2018-11826
CVE-2018-11826 causes a buffer overflow in the WLAN ext scan handler due to a missing check for integer overflow during memory size calculations in CAF Android/Linux kernel components. Affected: Qualcomm WLAN HOST (Android CAF stack). The issue is documented across multiple sources (NVD entry and...
CVE-2018-11988
CVE-2018-11988 affects CAF Android builds (Android for MSM, Firefox OS for MSM, QRD Android) via a Linux kernel issue described as an untrusted pointer dereference when accessing a variable that has already been freed. The vulnerability is classed as a Local attack with medium to high impact, dep...
CVE-2018-21083
CVE-2018-21083 affects Samsung mobile devices running M/N/O (6.0/7.x/8.0) on Exynos or Qualcomm chipsets. The issue is an information disclosure of a kernel address via trustonic_tee. Evidence across multiple sources (NVD entry, Red Hat advisory, CVE listing) confirms the vulnerability descriptio...
CVE-2018-3564
CVE-2018-3564 affects the FastRPC driver in CAF Android builds using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android). The issue is a Use-After-Free when mapping on the remote processor fails, potentially impacting components such as DSP_Services. The description notes that thi...
CVE-2018-3598
In CVE-2018-3598, the affected components are Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernels prior to the 2018-04-05 patch level. The root cause is insufficient validation of parameters from userspace in the camera_v2 driver, leading to an information...
CVE-2018-5823
CVE-2018-5823 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android on CAF Android kernels prior to the 2018-04-05 patch level. The vulnerability is due to improper buffer length validation in the extscan hotlist event, leading to a potential buffer overflow. The NVD/NVD-affiliate...
CVE-2018-5864
CVE-2018-5864 maps to a Qualcomm WMA information-disclosure vulnerability affecting Android devices (Pixel/Nexus) prior to the 2018-07-05 patch level. The issue arises during processing of WMI_APFIND events in CAF/Linux kernel-based Android builds, causing a potential buffer over-read and informa...