8153 matches found
CVE-2026-0026
CVE-2026-0026 describes a logic error in Android’s PermissionManagerServiceImpl.java removePermission path that could allow overriding any system permission, enabling local privilege escalation. Exploitation requires user interaction, and no additional execution privileges are stated. The connect...
CVE-2026-0027
The CVE-2026-0027 issue affects the arm-smmu-v3.c function smmu_detach_dev, where a use-after-free can cause an out-of-bounds write. This vulnerability enables local privilege escalation with System execution privileges required; exploitation does not require user interaction. The available conne...
CVE-2026-0031
CVE-2026-0031 affects Google Android’s kernel code (mem_protect.c) with an out-of-bounds write caused by an integer overflow. This vulnerability allows local privilege escalation without user interaction. Public references indicate Android kernel fixes/updates were released (and related advisorie...
CVE-2026-0045
CVE-2026-0045 concerns a logic error in the Bluetooth stack: in bta_jv_rfcomm_connect of bta_jv_act.cc , there is a possible bypass of bonding for a secure connection. This could allow local escalation of privilege with no additional execution privileges needed, and requires no user interaction t...
CVE-2026-0051
CVE-2026-0051 describes a vulnerability in multiple functions of ubsan_throwing_runtime.cpp that can trigger a system crash via improper input validation, leading to remote denial of service with no extra privileges and no user interaction required. The CVE is documented across NVD entries and re...
CVE-2025-48568
CVE-2025-48568 describes a race-condition vulnerability that allows a lockscreen bypass and local escalation of privilege. Reports across multiple sources indicate exploitation could occur with no user interaction and requires only local access, with no additional execution privileges needed. And...
CVE-2025-48570
CVE-2025-48570 involves PipTaskOrganizer.java in Android, where a confused deputy allows launching an activity from the background, enabling local elevation of privilege without extra execution privileges. The CVE is described as a local, high-severity issue (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:...
CVE-2025-48579
CVE-2025-48579 involves a local elevation-of-privilege in Android’s MediaProvider.java where a proxy/Confused Deputy behavior could bypass the external storage write permission. The issue can allow a local attacker to gain elevated privileges without additional execution privileges or user intera...
CVE-2025-48597
CVE-2025-48597 is an Android Framework–level tapjacking/overlay vulnerability that could enable local privilege escalation without user interaction. Reported details indicate the issue affects Android Framework components and is addressed via Android security patches at patch levels 2025-12-01 / ...
CVE-2025-48646
CVE-2025-48646 affects Google Android via the executeRequest path in ActivityStarter.java, enabling a possible elevation of privilege through a confused deputy. The issue is described as a local escalation of privilege requiring user interaction for exploitation. Affected context in public record...
CVE-2026-0015
CVE-2026-0015 affects Android components, notably multiple locations in AppOpsService.java where improper input validation can cause a persistent, local Denial of Service . Exploitation requires no user interaction and does not grant additional privileges. The Red Hat/NCSC/NVD entries corroborate...
CVE-2026-0028
CVE-2026-0028 affects the Linux kernel code path __pkvm_host_share_guest in mem_protect.c, where an integer overflow can cause an out-of-bounds write. This leads to local privilege escalation without user interaction. The existing references in the connected documents (Android kernel changes and ...
CVE-2026-0036
CVE-2026-0036 describes a tapjacking vulnerability in StageCoordinator.java that could enable local privilege escalation via a tapjacking/overlay attack without user interaction. The issue allows exploitation with local access and is associated with the Android platform (Android Bulletin context ...
CVE-2026-0037
CVE-2026-0037 corresponds to a memory corruption issue in multiple functions of ffa.c, caused by a logic error. The CVE affects Google Android components and is described as enabling local escalation of privilege with no extra execution privileges and no user interaction required. The impact is n...
CVE-2026-0040
CVE-2026-0040 affects code in ubsan_throwing_runtime.cpp where an integer overflow can crash the process, enabling remote denial of service with no user interaction. CVSSv3.1 metrics indicate NETWORK access, LOW privileges, LOW attack complexity, and HIGH availability impact. No remediation or ex...
CVE-2026-0061
CVE-2026-0061 involves multiple functions of WindowState.java where a tapjacking/overlay condition could trick a user into accepting a permission. The issue allows local privilege escalation with no additional execution privileges and does not require user interaction for exploitation, per the pr...
CVE-2026-0067
Technical details, affected products, and remediation are not publicly provided in the supplied documents. Monitor for updates from the listed sources; no concrete exploit or affected versions can be confirmed from the material available.
CVE-2026-0094
Technical details for CVE-2026-0094 are not publicly available in the provided documents; monitor for updates.
CVE-2026-0096
Technical details are not publicly available in the provided documents. Monitor for updates for potential affected products, impacted components, root cause, and remediation.
CVE-2026-0140
CVE-2026-0140 describes a potential out-of-bounds read in RtpPacket::decodePacket caused by an integer overflow that could lead to remote information disclosure. Exploitation requires user interaction; no remote code execution is stated. Connected sources (NVD, ENISA EUVD, OSV, PT-OSSecurity, And...
CVE-2026-0147
CVE-2026-0147 affects the mfc_core_nal_q_get_dec_metadata_sei_nal function in mfc_core_nal_q.c. The issue is an out-of-bounds write caused by a missing bounds check, which the documents state could enable remote code execution with no extra privileges and no user interaction. The vulnerability is...
CVE-2025-26431
CVE-2025-26431 affects Android Wear OS (and related Android framework components) through a logic error in setupAccessibilityServices inside AccessibilityFragment.java that can cause an enabled accessibility service to be hidden. This enables local privilege escalation with no extra privileges an...
CVE-2025-26461
CVE-2025-26461 affects Android's Permission Manager: a logic error allows the microphone privacy indicator to remain active after the app is closed, enabling local privilege escalation without additional privileges or user interaction. Reported as a low-severity issue (CVSS v3.1 base score 3.3) w...
CVE-2025-32329
CVE-2025-32329 affects Android Framework (Session.java). The described issue is a logic error in multiple Session.java functions that can permit viewing images belonging to another user on the device. This leads to local escalation of privilege with no additional execution privileges required and...
CVE-2025-36891
CVE-2025-36891 is an Elevation of Privilege affecting the Pixel WLAN subsystem (Android). The Pixel Update Bulletin classifies it as WLAN-related EoP with High severity and CVSSv3.1: 8.8 (Network attack vector, low attack complexity, low privileges required, no user interaction, scopes unchanged;...
CVE-2025-36892
CVE-2025-36892 is a Denial of Service vulnerability documented across multiple feeds, with confirmed impact on Google Pixel WLAN components. The NVD/Red Hat/NVD entries describe DoS as the issue’s outcome, rated CVSSv3.1 base score 7.5 (Network, Low attack complexity, No privileges, No user inter...
CVE-2025-48588
Technical details about CVE-2025-48588 are not publicly provided in the supplied documents. Monitor for updates from Android and vendor advisories to obtain affected products, root cause specifics, impact, and fixes.
CVE-2025-48600
CVE-2025-48600 is described across connected sources as an information-disclosure issue caused by a missing permission check that could reveal data across users with local access (no user interaction). The public references point to Android security bulletins and related Android source changes, s...
CVE-2025-48605
CVE-2025-48605 concerns Android’s KeyguardViewMediator.java, where a logic error in multiple functions enables a potential lockscreen bypass. The vulnerability allows local escalation of privilege without extra execution privileges and without user interaction, as described in multiple sources (N...
CVE-2025-48607
Technical details about CVE-2025-48607 are not publicly available in the provided documents. Sources reiterate a local DoS due to a logic error but do not specify affected products/versions or remediation. Monitor for updates.
CVE-2025-48641
CVE-2025-48641 describes a use-after-free in multiple functions of Nfc.h caused by a race condition, enabling local elevation of privilege with no extra execution privileges and without user interaction. The issue is documented across multiple feeds (NVD, Red Hat, RH/CVE, OSV) and is referenced i...
CVE-2026-0008
CVE-2026-0008 describes a local privilege escalation due to a confused deputy in multiple locations. Exploitation requires no user interaction and can lead to total privilege gain. Connected sources reference Android/Samsung updates; NCSC notes that Google fixed vulnerabilities in Android (14–16)...
CVE-2026-0011
CVE-2026-0011 is described across multiple sources as a logic error in enableSystemPackageLPw() within Settings.java that can prevent location access from functioning, enabling local privilege elevation without requiring additional execution privileges and without user interaction. This vulnerabi...
CVE-2026-0038
CVE-2026-0038 describes a logic error in mem_protect.c across multiple functions that could allow arbitrary code execution, leading to local privilege escalation with no additional privileges and without user interaction. The available sources consistently reference mem_protect.c but do not provi...
CVE-2026-0071
Summary: CVE-2026-0071 affects SettingsLib where a logic error may skip a permission check, enabling local escalation of privilege with no additional privileges or user interaction required. The vulnerability is described across NVD, ENISA EUVD, CVE records, and PT/security bulletins, all citing ...
CVE-2026-0095
The provided CVE-2026-0095 entries describe a vulnerability in the Bluetooth stack, specifically in the function l2c_fcr_clone_buf in l2c_fcr.cc. The issue is an integer overflow that can trigger controlled heap corruption within the privileged Bluetooth process, leading to local escalation of pr...
CVE-2026-0120
CVE-2026-0120 affects the modem (baseband) and is caused by an incorrect bounds check leading to an out-of-bounds write. This could enable remote code execution without privileges and without user interaction. Public details across sources confirm the issue and its critical impact, but do not pro...
CVE-2024-43766
CVE-2024-43766 describes an information-disclosure vulnerability in the Android Bluetooth stack caused by invalid error handling in multiple functions of a file named btm_ble_sec.cc . The issue could enable remote information disclosure to a proximal/adjacent attacker with no additional execution...
CVE-2025-32316
CVE-2025-32316 affects the Android graphics allocator: in gralloc4, a missing bounds check allows an out-of-bounds write, leading to local information disclosure without requiring user interaction or extra privileges. The NVD/Red Hat CNVD entries confirm the same issue; the Android 16 bulletin in...
CVE-2025-32317
CVE-2025-32317 affects the Android App Widget, where a confused deputy leads to a local information disclosure without extra privileges or user interaction. The issue is categorized as Information Disclosure (CVE type) with a CVSSv3.1 base score of 5.5 (Medium) and a Local attack vector with Conf...
CVE-2025-36900
CVE-2025-36900 refers to an out-of-bounds write caused by an integer overflow in the function lwis_test_register_io within lwis_device_test.c. The impact described across multiple sources is local elevation of privilege requiring system execution privileges, with no user interaction needed. Affec...
CVE-2025-48576
CVE-2025-48576 affects Android’s framework component NotificationManagerService.java, specifically the function updateNotificationChannelGroupFromPrivilegedListener. The issue is a possible permanent denial of service caused by resource exhaustion, leading to local DoS with no additional executio...
CVE-2025-48577
CVE-2025-48577 affects KeyguardViewMediator.java in Android, describing a race-condition that could allow a lockscreen bypass and local elevation of privilege without user interaction. Connected sources (NVD/RH/CNVD) corroborate the lockscreen bypass and local-privilege impact (I/H, C/H/A/H in CV...
CVE-2025-48578
CVE-2025-48578 is described across multiple sources as an elevation-of-privilege issue in Android’s MediaProvider.java, where a missing permission check could allow bypassing WRITE_EXTERNAL_STORAGE. The documented impact is local privilege escalation with no extra execution privileges required, a...
CVE-2025-48582
CVE-2025-48582 describes a local elevation-of-privilege in Android where media files can be deleted without MANAGE_EXTERNAL_STORAGE due to an intent redirect. The issue affects media-related components (MediaProvider/Media codecs) and can be exploited with local access and no user interaction. Th...
CVE-2025-48585
CVE-2025-48585 concerns multiple functions in ProfilingService.java, where improper input validation can cause a persistent local denial of service. The issue is described as a local impact with no privileges and no user interaction required for exploitation. The available sources (NVD, Red Hat, ...
CVE-2025-48616
CVE-2025-48616 affects a component in KeyguardViewMediator.java, enabling a bypass of lockdown mode via screen pinning due to a logic error. This can lead to local information disclosure without requiring exploitation privileges or user interaction. Document does not specify affected product vers...
CVE-2025-61614
CVE-2025-61614 affects the nr modem. The issue is a system crash caused by improper input validation, leading to remote denial of service with no privileges required. CVSS 3.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) yields a base score of 7.5 (HIGH). Exploitation details are not provided in the doc...
CVE-2026-0043
CVE-2026-0043 affects code paths in ubsan_throwing_runtime.cpp where an integer overflow can cause a persistent denial of service and local escalation of privilege without user interaction. The connected sources (NVD/NVD OSV/ENISA EUVD and related enrichments) consistently describe this flaw as a...
CVE-2026-0044
CVE-2026-0044 affects the UBSan throwing runtime implementation (ubsan_throwing_runtime.cpp) across multiple functions. The vulnerability is caused by an integer overflow, which can crash the system and result in a remote denial of service. Exploitation requires network access with low attack com...