8153 matches found
CVE-2026-0063
CVE-2026-0063 affects the Android framework component PhoneInterfaceManager.java, where a logic error in setAllowedCarriers could disable carrier restrictions, enabling local privilege escalation with no additional privileges and no user interaction required. The issue is cataloged as an Elevatio...
CVE-2026-0152
CVE-2026-0152 affects the OSMMapPMRGeneric path in pmr_os.c. A logic error may allow abusing a system-call sequence to expand the VMA out of bounds, enabling local privilege escalation with no extra privileges or user interaction required. Documented impact is high for confidentiality, integrity,...
CVE-2026-20411
CVE-2026-20411 affects the cameraisp component, with a use-after-free condition that enables escalation of privileges and could cause local denial of service when the attacker already has System privileges. Exploitation is reported as not requiring user interaction. The vulnerability is accompani...
CVE-2025-20698
CVE-2025-20698 affects Power HAL and describes an out-of-bounds write caused by a missing bounds check. The impact is local escalation of privilege to System level without user interaction. The vulnerability details indicate the presence of a patch (ALPS09915400) and a tracked Issue ID (MSV-3793)...
CVE-2025-32348
CVE-2025-32348 affects Android devices. The underlying issue is a missing permission check in multiple locations that can allow a background activity to be launched, enabling local elevation of privilege without additional execution privileges, and no user interaction is required to exploit. The ...
CVE-2025-36889
CVE-2025-36889 is a local information-disclosure vulnerability affecting Google Pixel devices in the Camera2 path. The issue arises in onCreateTasks of CameraActivity.java where a permission bypass due to a confused deputy could allow information disclosure without requiring additional execution ...
CVE-2025-36928
CVE-2025-36928 : The issue is a potential out-of-bounds write in GetHostAddress of gxp_buffer.h caused by an incorrect bounds check. This can enable local escalation of privilege with no extra execution privileges required and no user interaction needed. Affected reports appear in multiple feeds ...
CVE-2025-36930
CVE-2025-36930 involves a potential out-of-bounds write in GetHostAddress of gxp_buffer.h, caused by a missing bounds check. This can lead to local elevation of privilege with no extra execution privileges or user interaction required. Multiple feeds (NVD, Red Hat, ENISA, CVE lists, and Android P...
CVE-2025-48555
The CVE-2025-48555 entry concerns a vulnerability in the Android code path involving NotificationStation.java, where cross-profile information disclosure can occur due to a confused deputy. The impact is local privilege escalation without requiring additional execution privileges or user interact...
CVE-2025-48583
CVE-2025-48583 involves a logic error in BaseBundle.java across multiple Android components, enabling potential arbitrary code execution and local privilege escalation without user interaction. The issue is described consistently across NVD/Red Hat/OSV and related sources as an Elevation of Privi...
CVE-2025-48599
The CVE-2025-48599 entry concerns the WifiScanModeActivity.java code path, where a missing permission check could allow local escalation of privilege. Multiple connected sources (Red Hat CVE page, ENISA EUVD entry, CNNVD, NVD, and OSV/CVE lists) describe the issue as a local privilege elevation w...
CVE-2025-48609
CVE-2025-48609 involves a path traversal issue in MmsProvider.java across Google Android components that can allow arbitrary file deletion and impact telephony, SMS, and MMS features. The vulnerability can cause a local denial of service without extra privileges or user interaction, as reported b...
CVE-2025-48615
Technical details (affected product/version, root cause, exploitability, impact, patch) for CVE-2025-48615 are not publicly provided in the supplied documents. The CVE is referenced in patch previews but no specifics are available here.
CVE-2025-48620
CVE-2025-48620 affects Android's VoiceInteractionManagerService.java (onSomePackagesChanged). Description indicates a logic error could allow a third-party component name to persist after uninstall, enabling local privilege escalation with no extra privileges and no user interaction required. Con...
CVE-2025-48635
CVE-2025-48635 affects Google Android, with a logic error in multiple paths of TaskFragmentOrganizerController.java that leaks an activity token. The vulnerability can enable local elevation of privilege without additional execution privileges and without user interaction. The issue is described ...
CVE-2025-48644
CVE-2025-48644 is described across multiple sources as a DoS issue caused by improper input validation in various locations, enabling a local denial-of-service with no user interaction or additional privileges required. The linked documents consistently frame the impact as a persistent DoS affect...
CVE-2025-48653
CVE-2025-48653 affects Google Android, with a logic error in loadDataAndPostValue across multiple files that may obscure permission usage and enable local privilege escalation without extra privileges or user interaction. Affects Android components as described in multiple feeds; CVSS vectors ind...
CVE-2025-61610
CVE-2025-61610 affects UNISOC nr modem. The issue is improper input validation in the modem’s processing, which can cause a system crash and remote denial of service without extra privileges. CVSS v3.1 vector indicates network attack, low attack complexity, no user interaction, and availability i...
CVE-2026-0013
CVE-2026-0013 affects the DocumentsUI path in Android (Documents UI, DocumentsUI/Picker flow via PickActivity.setupLayout). The vulnerability allows a confused deputy to start any activity from within a DocumentsUI app, enabling local privilege elevation without extra execution privileges or user...
CVE-2026-0021
CVE-2026-0021 describes a cross-user permission bypass in AppInfoBase.java (hasInteractAcrossUsersFullPermission). The flaw enables local escalation of privilege with no extra execution privileges required and no user interaction needed to exploit. Android ecosystem sources (NVD/NCSC/CIRCL/CVELIS...
CVE-2026-0032
CVE-2026-0032 describes a possible out-of-bounds write in multiple functions of the mem_protect.c file, caused by a logic error, enabling local escalation of privilege with no additional execution privileges and without user interaction. The affected component appears to be kernel/media-related c...
CVE-2026-0075
The CVE-2026-0075 entry describes a SQL injection that could permit access to the contacts database, enabling local escalation of privilege with no additional privileges required and no user interaction needed. Connected documents (including RH/CVE, EUVD, NVD, CNNVD, and others) reiterate the sam...
CVE-2025-20730
CVE-2025-20730 concerns MediaTek’s MediaTek ALPS preloader with an insecure default value that can enable local elevation of privilege. The vulnerability allows a scenario where a user with System privileges could escalate further without user interaction. The CVE is documented across multiple fe...
CVE-2025-36923
CVE-2025-36923 affects the NrmmDecoder::DecodeSORTransparentContext function in cn_NrmmDecoder.cpp, where a heap buffer overflow can cause an out-of-bounds write. This could enable remote (proximal/adjacent) escalation of privilege with no user interaction required. Exploitation details, affected...
CVE-2025-36927
CVE-2025-36927 concerns a potential out-of-bounds write in GetTachyonCommand within tachyon_server_common.h. The issue arises from a missing bounds check, enabling local escalation of privilege without additional execution privileges or user interaction, as described across multiple connected rec...
CVE-2025-36935
CVE-2025-36935 involves a memory corruption flaw in the function trusty_ffa_mem_reclaim inside shared-mem-smcall.c. The issue arises from uninitialized data and can enable local escalation of privilege without requiring extra execution privileges. Exploitation reportedly does not require user int...
CVE-2025-48538
CVE-2025-48538 affects the Android Framework, specifically the PackageManagerService.setApplicationHiddenSettingAsUser function. The root cause is improper input validation when hiding system-critical packages, which can allow local denial of service without requiring exploits or user interaction...
CVE-2025-48564
CVE-2025-48564 affects Android Framework components and is caused by a race-condition that enables an attacker to bypass intent filters, leading to local escalation of privilege with no extra execution privileges or user interaction required. Multiple connected sources describe this as a local Eo...
CVE-2025-48580
Technical details about CVE-2025-48580 are not publicly provided in the supplied documents. Monitor for updates from Android bulletin and vendor advisories for complete root-cause, affected products, and fixes.
CVE-2025-48592
CVE-2025-48592 describes a vulnerability in the C2SoftDav1dDec.cpp decoder where in initDecoder there is an out-of-bounds read caused by a heap buffer overflow. This can lead to remote information disclosure without extra privileges or user interaction. The available connected sources (Red Hat, E...
CVE-2025-48610
CVE-2025-48610 stems from a logic error in mem_protect.c __pkvm_guest_relinquish_to_host, enabling a local information disclosure without required privileges or user interaction. Affected component: Android/Linux kernel KVM (pkvm) code path. Impact: potential leakage of configuration data. Exploi...
CVE-2025-48619
CVE-2025-48619 affects Android’s ContentProvider.java (ContentProvider) where a logic error can let an app with read-only access truncate files, causing local elevation of privilege without extra privileges or user interaction. Public sources (NVD/NVDCNVD) describe the issue and note Android secu...
CVE-2025-48627
CVE-2025-48627 affects the Android Framework, specifically the startNextMatchingActivity path in ActivityTaskManagerService.java. The issue is a logic error that can allow launching an activity from the background, resulting in local escalation of privilege without additional execution privileges...
CVE-2025-48640
CVE-2025-48640 is described across multiple connected sources as a remote elevation of privilege in Android components caused by a missing permission check during 3rd‑party passkey entry pairing approval. The impact is high (CVE notes adjacent/remote escalation with no user interaction) with a lo...
CVE-2026-0018
The CVE-2026-0018 issue affects AccessibilityManagerService.java and represents a local DoS caused by improper input validation across multiple functions. The impact is a persistent Denial of Service requiring no user interaction, with an attacker likely able to trigger it locally. The CVSS 3.1 v...
CVE-2026-0060
Technical details about CVE-2026-0060 are not publicly available in the provided documents. No affected products, vectors, or mitigations are specified here. Monitor for updates as new information becomes available.
CVE-2026-0088
The CVE-2026-0088 affects Android’s CertInstaller.getCallingAppLabel, where a misleading or insufficient UI could allow hiding a sensitive security dialogue. This enables local privilege escalation with no extra privileges and no user interaction required for exploitation, as described across NVD...
CVE-2026-0124
CVE-2026-0124 is described in connected sources as an out-of-bounds write due to a missing bounds check that enables local Elevation of Privilege without user interaction. In the Pixel security bulletin, it is listed under Pixel vulnerabilities as a Bootloader issue (EoP, Critical). The Red Hat a...
CVE-2026-0161
CVE-2026-0161 affects Google Android (Pixel bulletin context) with an out-of-bounds write in RtpSession.cpp due to an integer overflow in numberOfReportBlocks, enabling remote privilege escalation without user interaction. Connected sources (Android Pixel bulletin) flag this as an Elevation of Pr...
CVE-2026-28581
Technical details for CVE-2026-28581 are not publicly available in the provided documents; monitor for updates.
CVE-2025-20697
CVE-2025-20697 : In Power HAL (MediaTek), an out-of-bounds write caused by a missing bounds check could enable local escalation of privilege if the attacker already has System privileges. Exploitation requires no user interaction. A patch is available: ALPS09915681 (MSV-3795). Multiple feeds corr...
CVE-2025-20705
CVE-2025-20705 concerns a memory corruption issue (use-after-free) in the MediaTek Modem’s monitor_hang path that could enable local privilege escalation if an attacker already has System privileges. Exploitation is described as not requiring user interaction. The vulnerability is tied to a patch...
CVE-2025-20721
Inimgsensor, there is a confirmed out-of-bounds write due to a missing bounds check that can enable local escalation of privilege when System privileges are present. No user interaction is required. The issue is tracked with Patch ID ALPS10089545 and Issue ID MSV-4279. Affected component is imgse...
CVE-2025-20746
The CVE-2025-20746 entry concerns GNSS service software (as referenced across multiple sources) with an out-of-bounds write caused by an incorrect bounds check. This condition can enable local privilege escalation to System if already present, with no user interaction required. The vulnerability ...
CVE-2025-20768
CVE-2025-20768: A memory bounds-checking fault causes an out-of-bounds read, enabling local privilege escalation if an attacker already has SYSTEM privileges. No user interaction required. Patch ALPS10196993 (MSV-4805) is available; impact is described with HIGH confidentiality/integrity/availabi...
CVE-2025-20785
CVE-2025-20785 affects MediaTek chipsets (display component). The issue is a memory corruption via a use-after-free in display paths, leading to local privilege escalation if an attacker already has System privileges. Exploitation details or in-the-wild status are not provided in the documents. A...
CVE-2025-20795
CVE-2025-20795 describes an out-of-bounds write in the KeyInstall component caused by a missing bounds check, enabling local escalation to System privileges. Exploitation does not require user interaction per the description. Public records reference a patch: ALPS10276761 (MSV-5141). The CVSS met...
CVE-2025-21024
Samsung Smart View before Android 16 is affected by CVE-2025-21024 due to the use of implicit intents for sensitive communication, enabling local attackers to access sensitive information through the affected component. The issue is described across multiple sources as a vulnerability in Smart Vi...
CVE-2025-22426
CVE-2025-22426 involves a logic error in ComputerEngine.java that can allow cross-user access to URIs, enabling local privilege escalation without user interaction. Exploitation details and affected product/version specifics are not provided in the documents; remediation/patch details are not exp...
CVE-2025-36922
CVE-2025-36922 is a kernel-side issue in bigo_map() within bigo_iommu.c that enables information disclosure via a use-after-free, enabling local privilege escalation with SYSTEM-level execution privileges. Exploitation is not user-initiated. Affected platform details in public postings point to P...