8153 matches found
CVE-2021-0397
CVE-2021-0397 : A double-free in Android’s sdp_copy_raw_data (sdp_discovery.cc) can cause remote code execution with no privileges and no user interaction. Affected: Android 8.1, 9, 10, 11 (per public advisories). Root cause: memory management flaw (double free) in SDP discovery path. Impact: rem...
CVE-2021-0507
CVE-2021-0507 corresponds to an Android Bluetooth flaw in btif_rc.cc (handle_rc_metamsg_cmd) where a missing bounds check can cause an out-of-bounds write. This flaw could enable remote code execution over Bluetooth with no extra privileges and without user interaction. Affected Android versions ...
CVE-2021-0509
CVE-2021-0509 : A race condition causes a use-after-free in CryptoPlugin.cpp, leading to local privilege escalation with no additional privileges or user interaction required. Affected products/versions in the provided data include Android 8.1, 9, 10, and 11. The documents do not specify a public...
CVE-2021-0589
CVE-2021-0589 is an Android local privilege escalation vulnerability: an out-of-bounds write in BTM_TryAllocateSCN (btm_scn.cc) caused by an incorrect bounds check, enabling local execution as a privileged context without user interaction. Affected Android versions include 8.1, 9, 10, and 11 (per...
CVE-2021-0645
CVE-2021-0645 is an elevation-of-privilege issue in Android 11 involving shouldBlockFromTree in ExternalStorageProvider.java. The root cause is a permissions bypass that could let a local attacker read private app directories in external storage, with exploitation reportedly requiring user intera...
CVE-2021-0695
CVE-2021-0695 is a vulnerability in the Android kernel (xt_qtaguid.c: get_sock_stat) caused by a use-after-free that enables an out-of-bounds read leading to local information disclosure. Exploitation is local (no user interaction required) per the description; impact is partial confidentiality. ...
CVE-2021-0706
CVE-2021-0706 affects Android (versions 10 and 11) via a missing permission check in startListening() of PluginManagerImpl.java, allowing an attacker to disable arbitrary app components and potentially cause local denial of service with no additional privileges or user interaction required. The v...
CVE-2021-39715
The CVE refers to an information disclosure in the Android kernel: in __show_regs of process.c, log information disclosure could leak kernel memory/addresses, enabling local information leakage with SYSTEM privileges. Affected software: Android kernel components; vulnerable item: the show_regs pa...
CVE-2022-20226
CVE-2022-20226 affects Android 12 / 12L. Root cause: in finishDrawingWindow of WindowManagerService.java, improper input validation enables tapjacking. This could allow local escalation of privilege with User privileges required; exploitation requires user interaction. Affected component is the W...
CVE-2022-20467
The CVE-2022-20467 issue affects Android 11–13 where the function isBluetoothShareUri in BluetoothOppUtility.java can read files incorrectly due to a confused deputy, causing local information disclosure with no extra execution privileges. Exploitation requires user interaction, with local attack...
CVE-2023-20947
CVE-2023-20947 is an Elevation of Privilege vulnerability in Android affecting the getGroupState function in GrantPermissionsViewModel.kt. The issue can allow a local attacker with low privileges to bypass permission handling and keep a one-time permission granted, enabling local escalation witho...
CVE-2023-20964
The CVE-2023-20964 entry affects Android (Android-12/12L/13) via MediaSessionRecord.java, where an Intent rebroadcast in multiple functions can cause local denial of service or privilege escalation without extra execution privileges and with no user interaction required. The vulnerability is clas...
CVE-2023-21104
CVE-2023-21104 affects Android (Android-12L/Android-13) via a missing permission check in WindowOrganizer.java (applySyncTransaction), enabling local information disclosure without extra execution privileges. Impact is information leakage; exploitation requires no user interaction and is locally ...
CVE-2023-21117
CVE-2023-21117 affects Android 13, specifically the ActivityManagerService.registerReceiverWithFeature path. The issue enables a permissions bypass that could let isolated processes register a broadcast receiver, causing local elevation of privilege with no extra execution privileges and no user ...
CVE-2023-21118
The CVE-2023-21118 entry concerns a vulnerability in Android where the unflattenString8 function in Sensor.cpp can read beyond a heap buffer due to a missing bounds check, causing local information disclosure without extra privileges. Affected products/versions include Android 11, 12, 12L, and 13...
CVE-2023-21245
CVE-2023-21245 affects Google's Android Framework, specifically the showNextSecurityScreenOrFinish path in KeyguardSecurityContainerController.java. A logic error could allow access to the lock screen during device setup, enabling local elevation of privilege without user interaction. Exploitatio...
CVE-2023-32871
CVE-2023-32871 affects MediaTek DA (Device Access) in MediaTek-based platforms. The vulnerability arises from an incorrect status check, enabling local escalation of privilege with no additional execution privileges required and no user interaction. The issue is documented across multiple sources...
CVE-2019-2108
CVE-2019-2108 affects Android 10 in the Media framework component. The issue is an out-of-bounds write in ihevcd_ref_list.c caused by a missing bounds check, enabling remote code execution with the attacker needing user interaction. The Android 2019-09-05 patch level (and later) addressing this i...
CVE-2019-9254
CVE-2019-9254 affects Android 10 in zygote.java (readArgumentList). Describes a command injection due to improper input validation that could enable local privilege escalation without user interaction. Impact is defined as local EoP with high severity (C/C/I/A). Mitigation: patch levels 2019-09-0...
CVE-2021-0319
CVE-2021-0319 affects Android versions 8.0 through 11. It concerns CompanionDeviceManagerService.checkCallerIsSystemOr, where a permissions bypass may allow a local attacker to obtain a nearby Bluetooth device’s MAC address without proper permissions, enabling local privilege escalation to access...
CVE-2021-39626
CVE-2021-39626 affects Android devices (Android-9 to Android-12) via a permission bypass in ConnectedDeviceDashboardFragment.java (onAttach), enabling local privilege escalation in Bluetooth settings with no extra execution privileges or user interaction required. The NVD entry notes a high base ...
CVE-2022-20395
The CVE-2022-20395 entry concerns Android 11–13, where a path traversal in MediaProvider.java (checkAccess) can delete files, enabling local elevation of privilege with no extra execution privileges. Affected component: MediaProvider.java; root cause: path traversal leading to local file deletion...
CVE-2022-20399
CVE-2022-20399 concerns the SEPolicy configuration in Android system apps, where an insecure default value allows access to the non-setuid ip utility. The resulting impact is local information disclosure of network data without extra privileges or user interaction. Documents consistently tie this...
CVE-2022-20414
Summary: CVE-2022-20414 describes a local DoS in Android via an uncaught exception in AlarmManagerService.setImpl that can push a device into a boot loop without extra privileges or user interaction. Affected products/versions (per sources): Android 10–13 (Android 10, 11, 12, 12L, 13). Root cause...
CVE-2023-20939
CVE-2023-20939 affects Android 12/12L/13, with memory corruption in the looper_backed_event_loop.cpp functions due to improper locking. The root cause is a locking defect that can lead to local elevation of privilege without extra execution privileges or user interaction. The impact is described ...
CVE-2023-21080
CVE-2023-21080 affects Android 11–13 and is tied to register_notification_rsp in btif_rc.cc, where a missing bounds check enables a local out-of-bounds read. This can cause information disclosure without requiring privileges or user interaction. The available sources (NVD/NVDC/CNVD/OsV/PRION mirr...
CVE-2023-21262
Consolidated evidence across CVE-2023-21262 entries shows a race condition in the startInput function of AudioPolicyInterfaceImpl.cpp that can cause the microphone privacy indicator to be displayed incorrectly. This could mislead users about mic activity and state. Exploitation, if any, is noted ...
CVE-2023-35683
CVE-2023-35683 affects Android’s DatabaseUtils.java (bindSelection) within the MediaProvider component, enabling SQL injection that can allow local information disclosure by accessing files from other apps. Exploitation requires local access with no user interaction, and no explicit exploit detai...
CVE-2023-35687
CVE-2023-35687 affects Google Android, specifically the MtpPropertyValue path in MtpProperty.h. The issue is a memory corruption due to a use-after-free, allowing local escalation of privilege with no additional execution privileges required and without user interaction. In practice, exploitation...
CVE-2023-40076
The CVE-2023-40076 issue concerns Android’s CredentialManagerUi.java: in createPendingIntent, a permissions bypass could allow access to credentials from other users. This represents a local elevation of privilege, with exploitation possible without additional execution privileges or user interac...
CVE-2024-0045
CVE-2024-0045: A vulnerability exists in the smp_proc_sec_req function of smp_act.cc that can trigger an out-of-bounds read due to improper input validation. This may allow remote information disclosure without additional execution privileges and without user interaction. Multiple sources (Androi...
CVE-2024-20040
CVE-2024-20040 affects MediaTek WLAN firmware (MT6XXX/MT79XX) and stems from an out-of-bounds write caused by improper input validation. This could enable remote escalation of privilege with no additional execution privileges required and no user interaction. The CVSSv3.1 base score is 8.8 (HIGH)...
CVE-2024-32929
CVE-2024-32929 affects the Pixel GPU driver path gpu_slc_get_region in pixel_gpu_slc.c. A use-after-free in that function can cause a local elevation of privilege, with no additional execution privileges needed and no user interaction required. Public details across connected records confirm the ...
CVE-2024-34743
CVE-2024-34743 affects Google Android via a logic error in SurfaceFlinger.cpp (setTransactionState) that could enable tapjacking, leading to local elevation of privilege with no user interaction required. The vulnerability is classified as EoP, High severity, with local attack vector and impact t...
CVE-2024-40674
CVE-2024-40674 affects Google Android via WifiConfigurationUtil.java (validateSsid). The issue is a logic error that could overflow a system configuration file, causing a local denial of service without requiring privileges or user interaction. Public details consistently reference Android/WifiCo...
CVE-2017-13230
CVE-2017-13230 affects the Android Media framework, specifically an out-of-bounds write in the HEVC (H.265) codec caused by an incorrect bounds check on i2_pic_width_in_luma_samples. This can enable remote escalation of privilege with no additional execution privileges required, though exploitati...
CVE-2019-2114
CVE-2019-2114 describes a local elevation-of-privilege issue in Android related to NFC default privileges that can bypass part of the user-interaction requirement during package installation. The result could allow a local attacker to install a malicious application and gain higher privileges, wi...
CVE-2021-0317
CVE-2021-0317 is an Elevation of Privilege vulnerability in Android stemming from a logic error in createOrUpdate(...) of Permission.java that could allow local privilege escalation. Affected Android versions include 8.0, 8.1, 9, 10, and 11. The issue requires user interaction to exploit and is c...
CVE-2021-0320
CVE-2021-0320 affects Android 10/11, describing a race condition in keystore_keymaster_enforcement.h (is_device_locked and set_device_locked) that could bypass lockscreen requirements for keyguard-bound keys. This may lead to local information disclosure without additional privileges, and exploit...
CVE-2021-0584
CVE-2021-0584 relates to an out-of-bounds read in Android’s Parcel.cpp (verifyBufferObject), caused by improper input validation. The issue can enable local information disclosure without additional privileges or user interaction. Affected Android versions include 8.1, 9, 10, and 11. The descript...
CVE-2021-0591
CVE-2021-0591 (Android) affects Android 8.1, 9, 10, 11. In BluetoothPermissionActivity.java, sendReplyIntentToReceiver can enable invoking privileged broadcast receivers due to a confusing deputy, enabling local elevation of privilege with User execution privileges needed. Exploitation requires u...
CVE-2021-0918
CVE-2021-0918 affects Android 12 with a Bluetooth GATT vulnerability: in gatt_process_notification (gatt_cl.cc) an out-of-bounds write due to missing bounds check could enable remote code execution via a specially crafted Bluetooth transmission. Exploitation requires no user interaction and can o...
CVE-2022-20117
Mode C: CVE-2022-20117 affects Pixel devices with Titan M (per Pixel Update Bulletin). The Titan M ID vulnerability indicates an information-disclosure issue where local data encrypted by the GSC can be decrypted due to improper crypto usage. Impact is local information disclosure without extra e...
CVE-2022-20356
CVE-2022-20356 affects Android 11/12/12L via the shouldAllowFgsWhileInUsePermissionLocked path in ActiveServices.java. The root cause is improper input validation, allowing a foreground service to be started from the background, causing local elevation of privilege with no additional execution pr...
CVE-2022-20451
CVE-2022-20451 affects Android 10–13 via a missing permission check in onCallRedirectionComplete of CallsManager.java, enabling local elevation of privilege with user interaction required. Red Hat and PT-Security references corroborate the issue; Android security bulletins indicate patches have b...
CVE-2022-21763
CVE-2022-21763 affects the telecom service component; due to a missing permission check, it can disclose local information without extra privileges. Exploitation requires no user interaction. A patch is listed (ALPS07044717/ALPS07044708) and updates are reflected in multiple sources (NVD, Red Hat...
CVE-2023-35658
CVE-2023-35658 affects the Android Bluetooth stack (gatt_process_prep_write_rsp in gatt_cl.cc), where a use-after-free can cause privilege escalation and remote code execution without extra privileges or user interaction. The issue is described across multiple sources as a proximal code execution...
CVE-2023-35681
CVE-2023-35681 affects Android’s Bluetooth stack (eatt_impl.h: eatt_l2cap_reconfig_completed). Public sources describe a possible out-of-bounds write caused by an integer overflow, which could allow remote code execution with no additional privileges and without user interaction. The available co...
CVE-2023-40098
The CVE-2023-40098 issue affects Android and stems from a logic error in mOnDone() within NotificationConversationInfo.java, enabling local information disclosure of another user’s app notification data. Exploitation requires local access with no user interaction specified, and the confidentialit...
CVE-2023-40134
CVE-2023-40134 concerns a local information disclosure in the Android UI code path. The vulnerability is described as a confused deputy in isFullScreen/FillUi.java that can allow viewing another user’s images without extra execution privileges and without user interaction. Public sources in the c...