8153 matches found
CVE-2025-20763
CVE-2025-20763 affects the mmdvfs component. A missing bounds check can enable an out-of-bounds write, leading to local privilege escalation if an attacker already holds System privileges. No user interaction is required. Public records across NVD/Red Hat/ENISA and other feeds confirm the issue a...
CVE-2025-48614
CVE-2025-48614 : Android recovery path bug in rebootWipeUserData (RecoverySystem.java) allows factory reset while in DSU mode due to a missing permission check. This creates a physical denial-of-service risk with no extra privileges and no user interaction needed. Affected: Android framework comp...
CVE-2025-48628
Summary: CVE-2025-48628 affects the Android framework, specifically the PrintManagerService’s validateIconUserBoundary, enabling a cross-user image leak due to a confused deputy and enabling local privilege escalation without extra execution privileges or user interaction. What is affected: Print...
CVE-2025-69278
CVE-2025-69278 affects the nr modem. The issue is a crash caused by improper input validation, leading to remote denial of service. CVSS 3.1 base score 7.5 (NETWORK, LOW attack complexity, NONE privileges, NONE user interaction). Exploitation details are not provided in the documents; no remediat...
CVE-2025-71253
CVE-2025-71253 concerns Modem IMS with an input validation flaw that can allow remote denial of service without extra privileges. The issue is described as improper input validation in Modem IMS, leading to availability impact (high) per CVSS vector: Network access, no user interaction, low attac...
CVE-2026-0115
Technical details for CVE-2026-0115 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-0117
CVE-2026-0117 affects the MFC decoder path in mfc_dec_v4l2.c, where an incorrect bounds check enables an out-of-bounds write. This could lead to local escalation of privileges with no extra execution privileges required and no user interaction needed. The vulnerability is documented across multip...
CVE-2026-0118
Technical details about CVE-2026-0118 are not publicly provided in the supplied documents. Monitor for updates from the sources listed; the available descriptions indicate a local privilege escalation via oobconfig bypass but lack specifics.
CVE-2026-0135
CVE-2026-0135 affects the Modem component, where a missing bounds check can enable an out-of-bounds read. This can lead to remote code execution with no additional privileges required and no user interaction. Several connected sources (NVD, EUVD-ENISA, CVE listings, OSV and PT-Security entries) c...
CVE-2026-0145
CVE-2026-0145 affects Keymint; a logic error allows a permission bypass leading to local information disclosure without extra privileges or user interaction. Exploitation status and fix details are not provided in the supplied documents; several sources list the issue but no patch information is ...
CVE-2026-20416
The CVE-2026-20416 entry concerns an out-of-bounds write in pcie caused by a missing bounds check, enabling local privilege escalation to System level without user interaction. Affected scope includes MediaTek-based PCIe components (as reflected across NVD/Red Hat OSV, CVE lists, and PT-security ...
CVE-2026-20438
CVE-2026-20438 affects MAE with a race-condition out-of-bounds write that can cause local privilege escalation without user interaction. The issue requires the System privilege to exploit and is associated with Patch ID ALPS10431920 and Issue MSV-5835. Red Hat and other feeds corroborate the same...
CVE-2026-20444
CVE-2026-20444 affects MediaTek chipsets. The issue is a memory corruption caused by a missing bounds check in display, enabling local escalation of privilege from System with no user interaction required. Patch: ALPS10436995; Issue ID: MSV-5721. Connected sources (Red Hat, NVD, CVE list, etc.) c...
CVE-2026-20445
The CVE-2026-20445 vulnerability affects the MDDP component, where a race condition can cause a system crash leading to local denial of service when the attacker already has System privileges. Exploitation does not require user interaction. The issue is associated with a patch identified as ALPS1...
CVE-2026-28587
CVE-2026-28587 affects the MmsSmsProvider component (MmsSmsProvider.java), enabling local information disclosure via a missing permission check. Exploitation requires no user interaction and does not require additional privileges; impact is confined to information disclosure. The vulnerability is...
CVE-2025-20723
The CVE-2025-20723 entry concerns the gnss driver. It describes an out-of-bounds write caused by an incorrect bounds check, potentially enabling local privilege escalation to System level without user interaction. A patch is identified (ALPS09920033) and the associated issue MSV-3797. Connected s...
CVE-2025-20749
In MediaTek charger-related CVE-2025-20749, the flaw is an out-of-bounds write caused by a missing bounds check. This can enable local escalation of privilege for an attacker who already has System privileges, with no user interaction required. Affected component is the charger subsystem; the iss...
CVE-2025-20771
CVE-2025-20771 relates to a local privilege-escalation in MediaTek chipsets due to improper input validation. A malicious actor already with System privileges could exploit this without user interaction, per multiple feeds. The underlying flaw is in input handling leading to elevation of privileg...
CVE-2025-20789
In GPU pdma on affected MediaTek platforms, a missing bounds check can lead to local information disclosure. The vulnerability allows leakage of information without extra privileges, with exploitation requiring user interaction. A patch is referenced (ALPS10117741; MSV-4538). Affected component i...
CVE-2025-36919
CVE-2025-36919: A double-free condition in aocc_read within aoc_channel_dev.c due to improper locking enables local elevation of privilege. Exploitation requires local access (no user interaction). Multiple feeds (NVD/Red Hat/CNVD/CVELIST) reference the same issue with AoC component; Pixel Androi...
CVE-2025-48586
Summary: CVE-2025-48586 relates to Android's EditFdnContactScreen.java: In onActivityResult, a confused-deputy flaw could leak contacts from the work profile, enabling local elevation of privilege with no extra privileges and no user interaction. Affected component: Android app code path in EditF...
CVE-2025-48650
CVE-2025-48650 is described in public sources as an information disclosure via SQL injection that can lead to local privilege escalation with no additional execution privileges and no user interaction required. The initial entry does not specify affected products or versions. Connected documents ...
CVE-2026-0057
CVE-2026-0057 affects the Android Contacts Provider. A missing permission check can allow an attacker to read an incoming call’s phone number and related metadata, enabling local information disclosure without extra execution privileges, and exploitation does not require user interaction. The iss...
CVE-2026-0112
CVE-2026-0112 describes a use-after-free in vpu_open_inst of vpu_ioctl.c caused by a race condition, enabling local privilege escalation with no extra execution privileges or user interaction required. Multiple feeds (NVD/Red Hat/EUVD/PT Security/OSV) report the same description. The connected so...
CVE-2026-0129
The CVE-2026-0129 entry concerns RtcpByePacket::decodeByePacket with a missing bounds check that can lead to remote information disclosure. The available sources (NVD, OSV, PT security, Android Pixel bulletin) indicate this is related to libpixelimsmedia and triggers information disclosure withou...
CVE-2026-0130
CVE-2026-0130 affects the RtcpChunk::decodeRtcpChunk path, where a heap buffer overflow can cause an out-of-bounds read. This may lead to remote information disclosure without extra execution privileges. Exploitation requires user interaction. The provided documents do not specify affected produc...
CVE-2026-0160
The vulnerability CVE-2026-0160 affects the TextRtpPayloadDecoderNode, specifically in DecodeT140 of TextRtpPayloadDecoderNode.cpp. It is caused by a missing bounds check that can result in an out-of-bounds write. The documented impact is remote code execution with no additional privileges requir...
CVE-2026-20424
CVE-2026-20424 affects MediaTek chipsets. It is a missing bounds check in display leading to an out-of-bounds read, potentially exposing local information if an attacker already has System privileges. Exploitation does not require user interaction and is local. Patch: ALPS10320471 (Issue MSV-5540...
CVE-2025-20744
The CVE-2025-20744 entry concerns the pda component with a use-after-free in privileged context leading to local escalation of privilege. The advisory indicates that a malicious actor who already has System privileges can exploit this without user interaction; no exploit vectors or in-wild detail...
CVE-2025-20745
CVE-2025-20745 concerns a memory corruption issue in apusys caused by a use-after-free, enabling local privilege escalation for an attacker with System privileges. The vulnerability does not require user interaction. Affected component: apusys; root cause: use-after-free leading to memory corrupt...
CVE-2025-20776
CVE-2025-20776 affects MediaTek chipsets with an out-of-bounds read caused by a missing bounds check. This can enable local privilege escalation to System level without user interaction. Exploitation status is not detailed in the provided documents. Patch: ALPS10184297 (MSV-4759) is referenced. N...
CVE-2025-20800
CVE-2025-20800 affects the MediaTek-related component mminfra. The issue is an out-of-bounds write caused by a missing bounds check, enabling local escalation of privilege to System level without user interaction. Exploitation details (vectors, exploit code) are not provided in the supplied docum...
CVE-2025-20806
Impactful but constrained: CVE-2025-20806 is a memory corruption via use-after-free in dpe that could enable local escalation of privilege to System level. Exploitation requires local access; no user interaction is needed. Root cause is use-after-free vulnerability in dpe; no explicit affected pr...
CVE-2025-36929
CVE-2025-36929 affects gxp_fence_manager.cc AreFencesRegistered. The issue is an information leak caused by improper input validation, enabling local information disclosure without extra privileges and without user interaction. Public exploitation details are not provided in the documents. The An...
CVE-2025-36936
The CVE-2025-36936 entry concerns Tachyon Server, specifically the GetTachyonCommand function in tachyon_server_common.h. The issue is a potential out-of-bounds write caused by an integer overflow, enabling local elevation of privilege with no additional execution privileges required and no user ...
CVE-2025-48591
CVE-2025-48591 is an Android framework information-disclosure vulnerability caused by a missing permission check in multiple locations, allowing local read-access to another user’s files without requiring privileges or user interaction. Affected: Android devices with patches that address ASB 2025...
CVE-2025-61616
CVE-2025-61616 affects the nr modem component where improper input validation can cause a system crash, leading to remote denial of service. The public records consistently describe the vulnerability as a crash in nr modem with no additional execution privileges required, and the impact is Availa...
CVE-2026-0113
CVE-2026-0113 describes an out-of-bounds write in ns_GetUserData within ns_SmscbUtilities.c that could enable remote escalation of privilege without user interaction. Affected references across multiple feeds corroborate the same flaw and classify it as a high-severity issue with a common-criteri...
CVE-2026-0123
The CVE-2026-0123 entry concerns the EfwApTransport::ProcessRxRing function in efw_ap_transport.cc, where an out-of-bounds write can occur due to a missing bounds check. This vulnerability is described as enabling local elevation of privilege with no additional execution privileges required and n...
CVE-2026-0126
In WC-Radio, there is a confirmed vulnerability causing an out-of-bounds write due to a missing bounds check. This can lead to remote code execution with no privileges and no user interaction required. The issue is detailed across multiple feeds (NVD entry CVE-2026-0126, EUVD-2026-, and related O...
CVE-2026-0143
The CVE-2026-0143 issue is in LWIS (lwIS) device handling: in lwis_device_external_event_emit of lwis_event.c, a memory corruption via use-after-free is reported, enabling local escalation of privilege with System execution privileges, and no user interaction is required. Public documents from NV...
CVE-2026-0153
CVE-2026-0153: Out-of-bounds write in Write of msg_to_host_buffer.cc due to an incorrect bounds check; could enable local escalation of privilege with no user interaction. Pixel bulletin lists EdgeTPU as the affected subcomponent; initial materials do not publish a patch version or mitigation ste...
CVE-2026-20437
CVE-2026-20437 affects MAE. A use-after-free causes a possible system crash leading to local denial of service when the attacker already has System privileges; no user interaction is required. Patch ALPS10431940 (MSV-5843).
CVE-2025-20798
MediaTek chipsets/Battery component contains an out-of-bounds write due to a missing bounds check, enabling local privilege escalation if an attacker already has System privileges. User interaction is not required. Patch ALPS10315812 and Issue MSV-5533 address this. Exploitation details are not p...
CVE-2025-20799
CVE-2025-20799 affects the c2ps component and is linked to a memory corruption via use-after-free. The issue enables local escalation of privilege if the attacker already holds System privileges, with no user interaction required. The vulnerability details indicate a patch identified as ALPS10274...
CVE-2025-48608
CVE-2025-48608 affects the Android SettingsProvider.java isValidMediaUri path, enabling cross-user media read due to a missing permission check. The issue permits local information disclosure without user interaction (ATT&CK: T1552-like, per the description), with CVSS 3.1 base score 5.5 (AV:L/AC...
CVE-2025-71256
CVE-2025-71256 affects the nr modem component. The issue is improper input validation that can allow remote denial of service without additional privileges. Attack vector is network with no user interaction; impact is availability degradation (CVE scored with CVSS v3.1 base 7.5, HIGH). Root cause...
CVE-2025-20770
CVE-2025-20770 involves a memory corruption via use-after-free in display handling on MediaTek chipsets, resulting in local privilege escalation if an attacker already has System privileges. No user interaction is required. The vulnerability affects the component responsible for display/memory ha...
CVE-2025-20775
CVE-2025-20775 affects MediaTek chipsets’ display component. The issue is a memory corruption due to a use-after-free in display, allowing local escalation of privilege to System level without user interaction. Affected versions are prior to Patch ID ALPS10182914; the patch/mitigation is ALPS1018...
CVE-2025-20788
CVE-2025-20788 affects the GPU PDMA path in MediaTek chipsets. The issue is a memory corruption caused by a missing permission check, which can enable local denial of service with no additional execution privileges required. Exploitation requires user interaction. A patch is available: ALPS101177...