Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleAndroid

7770 matches found

CVE
CVEadded 2019/09/27 7:15 p.m.29 views

CVE-2019-2147

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116474108

6.5CVSS6.4AI score0.00125EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.29 views

CVE-2019-2161

In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112553431

6.5CVSS6.4AI score0.00125EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.29 views

CVE-2019-2163

In libxaac there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118138797

6.5CVSS6.4AI score0.00125EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.29 views

CVE-2019-2168

In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492594

6.5CVSS6.4AI score0.00125EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.29 views

CVE-2019-2171

In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113035086

6.5CVSS6.4AI score0.00125EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.29 views

CVE-2019-2189

In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112312381

6.9CVSS7.2AI score0.0001EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.29 views

CVE-2019-9317

In libstagefright, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112052258

6.5CVSS6.5AI score0.00244EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.29 views

CVE-2019-9342

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111214470

7.5CVSS7.2AI score0.00312EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.29 views

CVE-2019-9435

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80146682

5.5CVSS5.6AI score0.00017EPSS
CVE
CVEadded 2020/03/10 8:15 p.m.29 views

CVE-2020-0061

In Pixel Recorder, there is a possible permissions bypass allowing arbitrary apps to record audio. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-14...

5.5CVSS5.9AI score0.00013EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.29 views

CVE-2020-0171

In Parse_lart of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127313223

6.5CVSS6.8AI score0.00345EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.29 views

CVE-2020-0208

In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145207098

7.8CVSS8.2AI score0.00012EPSS
CVE
CVEadded 2020/09/17 9:15 p.m.29 views

CVE-2020-0314

In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920

5.5CVSS5.8AI score0.00015EPSS
CVE
CVEadded 2020/09/17 7:15 p.m.29 views

CVE-2020-0403

In the FPC TrustZone fingerprint App, there is a possible invalid command handler due to an exposed test feature. This could lead to local escalation of privilege in the TEE, with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.2CVSS7.2AI score0.00013EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-0476

In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to logs. This could lead to local information disclosure with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1620145...

4.4CVSS4.9AI score0.00018EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-0481

In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, with no additional execution privileges needed. User interaction is not needed for exploitation.Produ...

3.3CVSS5.3AI score0.00012EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-0484

In destroyResources of ComposerClient.h, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155769496

6.7CVSS7.3AI score0.00019EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-0485

In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest account due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr...

7.8CVSS8.1AI score0.00014EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-0486

In openAssetFileListener of ContactsProvider2.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege to change contact data with no additional execution privileges needed. User interaction is not needed for exploitation.Product...

7.8CVSS8.2AI score0.00012EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-0492

In BitstreamFillCache of bitstream.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: ...

6.5CVSS6.7AI score0.0041EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.29 views

CVE-2020-10838

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. PROCA allows a use-after-free and arbitrary code execution. The Samsung ID is SVE-2019-16132 (February 2020).

7.8CVSS8AI score0.0002EPSS
CVE
CVEadded 2020/09/11 10:15 p.m.29 views

CVE-2020-25281

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Applications with sensitive security settings (such as the package verifier application) mishandle unknown-source installations. The LG ID is LVE-SMP-190002 (September 2020).

7.5CVSS7.5AI score0.00092EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-27023

In setErrorPlaybackState of BluetoothMediaBrowserService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: And...

4.4CVSS5AI score0.00018EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-27024

In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure triggered by a malformed Bluetooth packet, with no additional execution privileges needed. User interaction is not needed for explo...

7.5CVSS7.3AI score0.00312EPSS
CVE
CVEadded 2020/12/15 4:15 p.m.29 views

CVE-2020-27031

In nfc_data_event of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-15131320...

4.4CVSS4.9AI score0.00016EPSS
CVE
CVEadded 2020/12/15 5:15 p.m.29 views

CVE-2020-27037

In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

4.4CVSS4.9AI score0.00018EPSS
CVE
CVEadded 2020/12/15 5:15 p.m.29 views

CVE-2020-27040

In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

4.4CVSS4.9AI score0.00018EPSS
CVE
CVEadded 2020/12/15 5:15 p.m.29 views

CVE-2020-27045

In CE_SendRawFrame of ce_main.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157...

7.8CVSS8.3AI score0.00096EPSS
CVE
CVEadded 2020/12/15 5:15 p.m.29 views

CVE-2020-27052

In getLockTaskLaunchMode of ActivityRecord.java, there is a possible way for any app to start in Lock Task Mode due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr...

7.8CVSS8.1AI score0.00012EPSS
CVE
CVEadded 2021/03/10 4:15 p.m.29 views

CVE-2021-0376

In checkUriPermission and related functions of MediaProvider.java, there is a possible way to access external files due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: ...

7.8CVSS7.7AI score0.00012EPSS
CVE
CVEadded 2021/10/25 2:15 p.m.29 views

CVE-2021-0409

In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561359; Issue ID: ALPS05561359.

5.5CVSS5AI score0.00015EPSS
CVE
CVEadded 2021/06/11 3:15 p.m.29 views

CVE-2021-25384

An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

9.8CVSS9.6AI score0.00153EPSS
CVE
CVEadded 2021/06/11 3:15 p.m.29 views

CVE-2021-25413

Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to access arbitrary data with Samsung Contacts privilege.

5.5CVSS5.4AI score0.00012EPSS
CVE
CVEadded 2021/12/08 3:15 p.m.29 views

CVE-2021-25519

An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.

4CVSS3.8AI score0.00016EPSS
CVE
CVEadded 2023/09/04 2:15 a.m.29 views

CVE-2022-47352

In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

4.4CVSS4.6AI score0.00009EPSS
CVE
CVEadded 2023/05/09 2:15 a.m.29 views

CVE-2022-47495

In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

4.4CVSS4.7AI score0.0001EPSS
CVE
CVEadded 2023/06/06 6:15 a.m.29 views

CVE-2022-48442

In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

6.2CVSS5.4AI score0.00024EPSS
CVE
CVEadded 2023/07/12 9:15 a.m.29 views

CVE-2022-48450

In bluetooth service, there is a possible missing params check. This could lead to local denial of service with System execution privileges needed.

4.4CVSS4.7AI score0.00011EPSS
CVE
CVEadded 2023/12/04 1:15 a.m.29 views

CVE-2022-48463

In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

5.5CVSS5.5AI score0.00011EPSS
CVE
CVEadded 2023/07/04 2:15 a.m.29 views

CVE-2023-20753

In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07588667.

6.7CVSS6.7AI score0.00028EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.29 views

CVE-2023-21323

In Activity Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitati...

5.5CVSS5.6AI score0.00027EPSS
CVE
CVEadded 2023/10/30 5:15 p.m.29 views

CVE-2023-21341

In Permission Manager, there is a possible way to bypass required permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS7.8AI score0.00004EPSS
CVE
CVEadded 2023/06/06 6:15 a.m.29 views

CVE-2023-30865

In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

5.5CVSS5.2AI score0.00021EPSS
CVE
CVEadded 2023/07/12 9:15 a.m.29 views

CVE-2023-30917

In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

7.8CVSS7.7AI score0.00031EPSS
CVE
CVEadded 2023/07/12 9:15 a.m.29 views

CVE-2023-30918

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

5.5CVSS5.2AI score0.00021EPSS
CVE
CVEadded 2023/07/12 9:15 a.m.29 views

CVE-2023-30932

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

5.5CVSS5.2AI score0.00011EPSS
CVE
CVEadded 2023/07/12 9:15 a.m.29 views

CVE-2023-30942

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

5.5CVSS5.2AI score0.00012EPSS
CVE
CVEadded 2023/12/04 4:15 a.m.29 views

CVE-2023-32859

In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473.

6.7CVSS6.9AI score0.00037EPSS
CVE
CVEadded 2023/12/04 4:15 a.m.29 views

CVE-2023-32860

In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788.

6.7CVSS6.9AI score0.00039EPSS
CVE
CVEadded 2023/12/04 4:15 a.m.29 views

CVE-2023-32865

In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456.

6.7CVSS6.7AI score0.00027EPSS
Total number of security vulnerabilities7770