8153 matches found
CVE-2026-0116
CVE-2026-0116 targets the __mfc_handle_released_buf function in mfc_core_isr.c, where a missing bounds check allows an out-of-bounds write. This can enable remote code execution with no privileges or user interaction required. Multiple sources (NVD, Red Hat, EUVD, vuln enrichment, and OSV entries...
CVE-2026-0127
The CVE-2026-0127 entry describes an out-of-bounds read caused by memory corruption in NrmmMsgCodec::DecodeUPUTransparentContext (cn_NrmmDecoder.cpp). This vulnerability allows a remote denial of service (communication processor crash) with no user interaction and requires network access (per CVS...
CVE-2026-20412
The CVE-2026-20412 issue affects the cameraisp component and involves an out-of-bounds write caused by a missing bounds check. This could enable local privilege escalation if an attacker already has System privileges, with no user interaction required. A patch is identified as ALPS10351676 (Issue...
CVE-2026-20414
CVE-2026-20414 affects the imgsys component. The issue is a use-after-free vulnerability that can enable local privilege escalation if an attacker already holds System privileges. Exploitation reportedly requires no user interaction. The advisory notes a patch: ALPS10362999 (Issue MSV-5625). Conn...
CVE-2026-20427
CVE-2026-20427 represents a local privilege escalation caused by a missing bounds check in the display path. The issue could allow a malicious actor who has already obtained System privileges to elevate further without user interaction. The description does not specify affected products or compon...
CVE-2026-20441
CVE-2026-20441 affects MediaTek MAE and describes a possible out-of-bounds write caused by a missing bounds check, potentially enabling local privilege escalation without user interaction once System privileges are obtained. The vulnerability details are consistently reported across multiple sour...
CVE-2025-11133
CVE-2025-11133 affects the Unisoc nr modem. The issue stems from improper input validation in the modem software, enabling a remote attacker to cause a system crash and remote denial of service without extra privileges. Affected products are Unisoc chipsets that include the nr modem component; Re...
CVE-2025-20772
CVE-2025-20772 is a memory corruption vulnerability disclosed across multiple feeds tied to MediaTek chipsets, described as a use-after-free in the display path that can lead to local privilege escalation to SYSTEM level. Exploitation is possible without user interaction, and the CVE lists a patc...
CVE-2025-20777
The CVE-2025-20777 entry describes a local privilege escalation on MediaTek chipsets via an out-of-bounds write caused by a missing bounds check in display handling. This could allow a user with System privileges to elevate to higher privileges without user interaction. Patch ALPS10184870 (MSV-47...
CVE-2025-32328
CVE-2025-32328 is an Android logic-error vulnerability in multiple Session.java functions that lets an attacker view images from another user, causing local privilege elevation with no extra execution privileges or user interaction required. Affected: Android Framework code path involving Session...
CVE-2025-36932
In the Google tracepoint IPC component, specifically in tracepoint_msg_handler of cpm/google/lib/tracepoint/tracepoint_ipc.c, a memory overwrite can occur due to improper input validation. This has the potential for local elevation of privilege without requiring additional execution privileges or...
CVE-2025-36938
CVE-2025-36938 concerns a fault injection vulnerability in U-Boot function append_uint32_le() caused by a logic error in the code. The issue enables physical elevation of privilege with no additional execution privileges required and no user interaction needed. Multiple sources (NVD/Red Hat/OSVed...
CVE-2025-48571
CVE-2025-48571 affects the btm_sec.cc code path and enables possible interception of SMS messages due to a logic error, leading to remote information disclosure with no extra privileges, requiring user interaction. The connected ENISA and NVD/NVD-derived entries corroborate this CVE as of Android...
CVE-2025-48613
The CVE-2025-48613 entry describes a vulnerability in VBMeta where an attacker can modify and resign VBMeta using a test key, assuming the original image was signed with the same key. This could enable local privilege escalation with no additional privileges or user interaction. Connected sources...
CVE-2025-48629
CVE-2025-48629 affects the Android framework component in which the insecure default for the default speech recognizer app can be exploited via the VoiceInteractionManagerService.findAvailRecognizer. The root cause is an insecure default value in this method, enabling local privilege escalation w...
CVE-2025-48636
The CVE-2025-48636 entry concerns a path traversal vulnerability in openFile of BugreportContentProvider.java that could allow reading and writing unauthorized files, enabling local privilege escalation without extra execution privileges or user interaction. The issue affects the described openFi...
CVE-2025-48643
CVE-2025-48643 is an Android system-level issue described across multiple sources as a provisioning bypass caused by improper input validation, enabling local privilege escalation with no user interaction. The Android 17 security release notes classify it under System, with type EoP and a High se...
CVE-2025-61612
CVE-2025-61612 concerns the ntr modem component (referred to as “nr modem” in the sources) and describes a crash caused by improper input validation that could enable remote denial of service with no privileges required. The available connected reports consistently list the affected software as n...
CVE-2025-61615
CVE-2025-61615 affects NR Modem. The vulnerability is due to improper input validation in NR Modem, which can trigger a system crash and lead to remote denial of service without needing privileges or user interaction. The available sources describe the impact as a denial of service with potential...
CVE-2025-69279
CVE-2025-69279 concerns a vulnerability in the nr modem where improper input validation can cause a system crash, enabling remote denial of service without requiring privileges. Multiple sources (NVD, Red Hat, EUVD, CVE list, etc.) describe the issue consistently, identifying the affected compone...
CVE-2026-0005
Technical details about CVE-2026-0005 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-0081
CVE-2026-0081 concerns the Android NFC stack. The connected documents indicate a missing permission check in NFC that could allow spoofing an NFC event, enabling local escalation of privilege without any additional execution privileges and without user interaction. The exploitation details are no...
CVE-2026-0083
Summary: CVE-2026-0083 describes a possible use-after-free in Nfc::eventCallback() within Nfc.h caused by a race condition, enabling local privilege escalation with no additional privileges and no user interaction required. Connected sources (NVD, EUVD, CIRCL, CVE lists) reproduce the same descri...
CVE-2026-0109
CVE-2026-0109 affects the function dhd_tcpdata_info_get in dhd_ip.c, enabling a remote Denial of Service due to a precondition check failure. Exploitation requires no user interaction and can be remote (network vector). The strongest public context comes from Android Pixel bulletin entries, which...
CVE-2026-0119
Summary: CVE-2026-0119 involves an out-of-bounds write caused by memory corruption in the function usim_SendMCCMNCIndMsg within usim_Registration.c. The vulnerability can enable a physical escalation of privilege with no additional execution privileges required and no user interaction needed. The...
CVE-2026-0125
CVE-2026-0125 is a local elevation-of-privilege issue caused by a use-after-free in vpu_ioctl.c across multiple functions, triggered by a race condition. The vulnerability allows a local attacker to escalate privileges without additional execution privileges or user interaction, as described in s...
CVE-2026-0132
CVE-2026-0132 concerns the Modem component. The connected documents describe a vulnerability where an out-of-bounds write occurs due to a heap buffer overflow, enabling remote code execution with no additional privileges and no user interaction required. The CVSS metrics indicate network attack v...
CVE-2026-0133
Affected component: arm-smmu-v3.c (smmu_attach_dev). The issue is a missing permission check that can allow signing malicious Android Runtime bootclass artifacts, enabling local escalation of privilege without extra execution privileges. Exploitation requires local access; user interaction is not...
CVE-2026-0134
CVE-2026-0134 describes a data persistence issue in PostWipeData within recovery_ui.cpp, exposing local information after a factory reset due to a logic error. Impact is information disclosure with no additional privileges required and no user interaction needed. The available documents do not sp...
CVE-2026-0139
CVE-2026-0139 affects the Modem with an out-of-bounds write caused by a missing bounds check, enabling remote code execution without privileges or user interaction. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) yields a base score of 8.8 (HIGH). The Android Pixel bulletin and related ...
CVE-2026-0141
CVE-2026-0141 describes a likely out-of-bounds read in decodeAppPacket of RtcpAppPacket.cpp caused by a missing bounds check. The vulnerability enables a remote information disclosure without requiring additional execution privileges and without user interaction. Public references in the provided...
CVE-2026-0158
CVE-2026-0158 affects the Camera component and describes an information disclosure vulnerability caused by a missing permission check that can allow local access to photos without extra execution privileges. Impact is local information disclosure (C: Low, I: None, A: None) with a CVSS 3.1 base sc...
CVE-2026-20409
In imgsys, a potential out-of-bounds write due to a missing bounds check could enable local privilege escalation if an attacker already has System privileges. Exploitation does not require user interaction. Public references indicate a patch ID (ALPS10363246) and an Issue ID (MSV-5779) associated...
CVE-2026-20410
In imgsys, a vulnerability CVE-2026-20410 is described as an out-of-bounds write caused by a missing bounds check in a component of imgsys. The impact is local escalation of privilege to System with confidentiality, integrity, and availability impact rated high in the CVSS vector (LOCAL, HIGH imp...
CVE-2026-20413
CVE-2026-20413 affects imgsys and describes a potential out-of-bounds write caused by a missing bounds check. The vulnerability could enable local elevation of privilege to System level without user interaction. Available documentation consistently cites the same root cause and impact across mult...
CVE-2026-20442
CVE-2026-20442 affects MediaTek chipsets and is caused by a use-after-free in the display path, leading to a possible local crash and denial of service when the attacker already has System privileges. Exploitation does not require user interaction and is local (attack vector: local). The conditio...
CVE-2025-20783
CVE-2025-20783 describes an out-of-bounds write due to a missing bounds check in display code, potentially enabling local privilege escalation to SYSTEM without user interaction. The vulnerability is associated with MediaTek chipsets, with references noting Patch ID ALPS10182882 and Issue MSV-468...
CVE-2025-20786
CVE-2025-20786: memory corruption via use-after-free in display code enables local escalation of privilege for actors with System privileges; no user interaction required. Patch ALPS10149882 (Issue MSV-4673) is referenced across sources (e.g., Red Hat, NVD, CVE lists). Exploitation status not pro...
CVE-2025-20807
CVE-2025-20807 affects dpe with an out-of-bounds write caused by an integer overflow. Local privilege escalation is possible if an attacker already has System privileges; no user interaction is required. Patch ALPS10114841 (Issue MSV-4451) is provided as a fix. Connected sources from Red Hat, NVD...
CVE-2025-3012
CVE-2025-3012 is associated with Unisoc dpc modem. The connected documents consistently describe a null pointer dereference in the modem stack that can cause a system crash and remote denial of service without requiring user interaction or local privileges. Affected component: dpc modem (Unisoc)....
CVE-2025-36912
CVE-2025-36912: DoS in the cellular modem due to a logic error; network-triggered, no user interaction required, with availability impact. Affected: cellular modem components in Google Pixel Android devices as documented in the Pixel December 2025 bulletin and corroborated by Red Hat/NVD/USD feed...
CVE-2025-36925
CVE-2025-36925 affects WAVES_send_data_to_dsp in libaoc_waves.c, where a missing bounds check can cause an out-of-bounds write. This leads to local escalation of privilege with no additional execution privileges required, and no user interaction is needed for exploitation. The connected Red Hat a...
CVE-2025-48590
CVE-2025-48590 affects the Android Framework component AppOpsService (verifyAndGetBypass). The issue describes a resource-exhaustion path that could allow a malicious local app to prevent dialing emergency services, causing local DoS without extra privileges or user interaction. Impact is limited...
CVE-2025-48596
CVE-2025-48596 is an Android/local privilege-escalation flaw caused by an out-of-bounds read in Parcel.cpp:appendFrom due to a missing bounds check. The issue allows local escalation without extra privileges or user interaction. Public references and Red Hat/EUVD/NVD entries describe the same aff...
CVE-2025-48624
CVE-2025-48624 is a local privilege-escalation vulnerability in the Linux kernel's ARM SMMU v3 driver (arm-smmu-v3.c) caused by improper input validation, leading to an out-of-bounds write in multiple functions. The issue could allow local escalation with no extra privileges and does not require ...
CVE-2025-61613
CVE-2025-61613 involves the nr modem where a flaw in input validation can cause a system crash, leading to remote denial of service with no additional execution privileges required. The affected component is the nr modem (no other product/version details are provided in the documents). The root c...
CVE-2025-61618
CVE-2025-61618 affects Unisoc nr modem. The root cause is improper input validation in the modem stack, leading to a system crash and remote denial of service without requiring privileges or user interaction. The available documentation consistently describes this as a DoS via remote input handli...
CVE-2025-71251
CVE-2025-71251 affects the IMS component. The issue is caused by improper input validation, leading to a system crash and remote denial of service without extra privileges or user interaction. CVSS 3.1 metrics: Network attack vector, low attack complexity, no privileges required, no user interact...
CVE-2025-71252
Technical details are not publicly available in the provided documents. Monitor for updates from vendors (Modem IMS) for affected components, potential impact, and officially recommended remediation.
CVE-2025-71255
Technical details are not publicly available in the provided documents. Monitor for updates from the vendor and CVE databases to confirm affected products, root cause specifics, and remediation.