8153 matches found
CVE-2023-40084
CVE-2023-40084 involves a memory corruption vulnerability caused by a use-after-free in the MDnsSdListener.cpp path. The flaw can permit local escalation of privilege without additional execution privileges and without user interaction, as described across multiple sources (NVD/Red Hat/Android bu...
CVE-2023-40092
CVE-2023-40092 affects the Android Framework, specifically the verifyShortcutInfoPackage function in ShortcutService.java. The Red Hat/Android/NVD entries describe a confused deputy scenario that could allow an authenticated local attacker to view another user’s image, causing local information d...
CVE-2023-45773
The CVE-2023-45773 issue affects the Bluetooth stack component (btm_ble_gap.cc) in Android. It describes an out-of-bounds write caused by a missing bounds check in multiple functions, which could enable local escalation of privilege with User privileges required and no user interaction. The threa...
CVE-2024-20005
The CVE-2024-20005 entry describes a permission bypass in MediaTek’s da module due to a missing permission check. This could allow local escalation to SYSTEM privileges with no user interaction required. The impact is confined to local, system-level access; exploitation details are not provided, ...
CVE-2024-31314
CVE-2024-31314 is a DoS via resource exhaustion in multiple functions of ShortcutService.java. The issue is described across Android/Red Hat/NVD/CVE lists as a local DoS without required user interaction. Affected component is ShortcutService.java, with a persistent denial of service risk due to ...
CVE-2024-31318
CVE-2024-31318 affects Android’s CompanionDeviceManagerService.java. The flaw is a missing permission check that could allow pairing a companion device without user acceptance, enabling local elevation of privilege with no extra execution privileges required. User interaction is not needed for ex...
CVE-2025-20636
CVE-2025-20636 involves MediaTek MT8798 secmem module where a missing bounds check can cause an out-of-bounds write. This could enable local privilege escalation if an attacker already has System privileges, with no user interaction required. The available references list a patch: ALPS09403554 (M...
CVE-2019-14783
CVE-2019-14783 affects Samsung mobile devices running N7.x, O8.x, and P9.0 software. The issue resides in the FotaAgent component and allows a malicious application to create privileged files, indicating an elevation of privilege risk within the FotaAgent handling of file creation. The connected ...
CVE-2020-0238
CVE-2020-0238 affects the Android Framework in the AccountTypePreferenceLoader’s updatePreferenceIntents. The issue is a race condition that can enable a confused deputy, allowing local escalation of privilege and the launch of privileged activities without extra execution privileges. Impact is d...
CVE-2020-0388
CVE-2020-0388 is an Android elevation-of-privilege issue in GnssVisibilityControl.java (createEmergencyLocationUserNotification) caused by an empty mutable PendingIntent. It enables a local attacker to bypass user interaction requirements and gain elevated privileges on Android-11/Android-10, wit...
CVE-2020-0463
CVE-2020-0463 affects Android Bluetooth SDP server (sdp_server_handle_client_req in sdp_server.cc). It describes a possible out-of-bounds read due to missing bounds checks, leading to remote information disclosure without added privileges or user interaction. Affected Android versions include 8.0...
CVE-2021-0517
CVE-2021-0517 affects Google Android ConnectivityService.java (Android 11). In updateCapabilities, a logic error can lead to an incorrect network state determination, biasing networking tasks to non-VPN networks and enabling remote information disclosure without additional privileges. Exploitatio...
CVE-2021-0522
CVE-2021-0522 is an Android vulnerability reported as an out-of-bounds read caused by a use-after-free in ConnectionHandler::SdpCb (connection_handler.cc). The issue could allow remote information disclosure without additional execution privileges, and no user interaction is required. Affected pr...
CVE-2021-0604
CVE-2021-0604 affects Android 8.1, 9, 10 and 11. In BluetoothOppSendFileInfo.java, generateFileInfo allows sharing private files over Bluetooth via a confused deputy, leading to local information disclosure without extra execution privileges; user interaction is required for exploitation. The ent...
CVE-2021-0689
CVE-2021-0689 affects Android platforms (Android-8.1, 9, 10, 11) via an out-of-bounds read in SkSwizzler_opts.h: RGB_to_BGR1_portable, caused by a missing bounds check. This can lead to local information disclosure without user interaction. The provided documents do not specify an exploit or patc...
CVE-2021-0704
CVE-2021-0704 (Google Android): A local information-disclosure vulnerability in AccountManagerService.java allows retrieving accounts without required permissions due to a permissions bypass. Affected Android versions include 9, 10, and 11. Exploitation is local and does not require user interact...
CVE-2021-39620
CVE-2021-39620 affects Android (Android 11 and 12) and is caused by a memory corruption in ipcSetDataReference within Parcel.cpp due to a use-after-free, enabling local privilege escalation with no user interaction. The Red Hat/OSV entries corroborate a local EoP risk and list the component as An...
CVE-2022-20391
CVE-2022-20391 is listed in the Android 2022-09-01 bulletin under Unisoc components with a High severity. The provided documents do not include explicit root-cause, exploit details, or affected Android versions beyond the bulletin’s context. remediation guidance, where provided, is to apply the 2...
CVE-2022-20431
CVE-2022-20431 describes a local elevation of privilege in Android due to a missing authorization check in a system service. The issue affects Android devices (specific component not publicly named in the documents) and is exploited locally with high impact (confidentiality, integrity, and availa...
CVE-2022-32597
CVE-2022-32597 : In Widevine, there is an out-of-bounds write due to an incorrect bounds check, enabling local escalation to System execution privileges. Exploitation requires no user interaction and is localized (local attacker). The issue is associated with the MediaTek Widevine implementation;...
CVE-2022-44437
CVE-2022-44437 affects Android components related to the messaging service, where a missing permission check could allow local denial of service in the contacts service with no extra privileges. The base CVSS3.1 vector indicates Local access, Low attack complexity and Low privileges required, wit...
CVE-2022-47459
CVE-2022-47459 concerns a vulnerability in the WLAN driver where a missing parameter check can lead to a local denial of service in WLAN services. The concrete details across connected sources consistently identify the affected component as the WLAN driver and describe the root cause as an inadeq...
CVE-2023-20623
CVE-2023-20623 affects the Ion component in MediaTek-based systems. Root cause is improper locking that allows local privilege escalation without extra execution privileges and with no user interaction required. The CVSS metrics indicate a local attack vector, high complexity, and high privileges...
CVE-2023-21216
CVE-2023-21216 affects the Linux kernel memory path (PMRChangeSparseMemOSMem in physmem_osmem_linux.c) where a use-after-free can cause arbitrary code execution, enabling local escalation of privilege with no additional privileges and no user interaction. The NVD entry rates this as CRITICAL (CVS...
CVE-2023-21249
The vulnerability is in Google Android's Framework, specifically OneTimePermissionUserManager.java, where a permissions bypass can cause a one‑time permission to be retained. This could enable local elevation of privilege with User execution privileges required and no user interaction. Public tec...
CVE-2023-35667
CVE-2023-35667 affects Android’s NotificationAccessSettings.java, specifically the updateList method. The logic error can allow hiding approved notification listeners, enabling local elevation of privilege with no extra execution privileges and no user interaction required. The vulnerability is d...
CVE-2023-45776
CVE-2023-45776 affects Android in the CreateAudioBroadcast function (broadcaster.cc) with an out-of-bounds write caused by a missing bounds check. This enables local escalation of privilege (attack vector: local; user interaction: none; required privileges: low; impact: high). Public references a...
CVE-2024-20027
CVE-2024-20027 concerns a MediaTek MediaTek da module issue described as an out-of-bounds write due to improper input validation. This could allow local escalation of privilege with SYSTEM execution privileges required; exploitation reportedly does not require user interaction. The available docu...
CVE-2024-25992
CVE-2024-25992 is a out-of-bounds read in tmu_tz_control of tmu.c caused by a missing bounds check. The vulnerability enables local escalation of privilege with no additional execution privileges required and does not require user interaction. The provided connected sources (Red Hat, NVD, PRION, ...
CVE-2024-25993
CVE-2024-25993 involves a missing bounds check in the tmu_reset_tmu_trip_counter function, causing an out-of-bounds write that could enable local privilege escalation with no extra privileges or user interaction required. Public docs attribute this to Pixel/Android components and classify the imp...
CVE-2024-27218
CVE-2024-27218 describes an out-of-bounds read in update_freq_data (TBD module), enabling local information disclosure without extra privileges and with no user interaction. Connected sources consistently cite a missing bounds check as the root cause and local disclosure as the impact. The Androi...
CVE-2024-31325
CVE-2024-31325 is listed in the Android Framework as an Elevation of Privilege (EoP) vulnerability with a local attack vector. The issue arises from a logic error that can reveal images across different users’ data, enabling local privilege escalation without additional execution privileges. Affe...
CVE-2024-34737
CVE-2024-34737 affects Android via a logic error in ensureSetPipAspectRatioQuotaTracker within the framework’s ActivityClientController.java, potentially allowing local privilege escalation by generating unmovable/undeletable pip windows. Exploitation requires local access; user interaction is no...
CVE-2024-43768
CVE-2024-43768 affects Google Android Skia: in SkDeflate.cpp’s skia_alloc_func there is an out-of-bounds write caused by an integer overflow. This could enable local escalation of privilege with no additional execution privileges and no user interaction required. Remediation: patch updates exist ...
CVE-2025-20657
CVE-2025-20657 relates to MediaTek MediaTek vdec with a permission bypass caused by improper input validation. The issue could enable local escalation of privilege if an attacker already has SYSTEM privileges; exploitation reportedly does not require user interaction. Connected sources (RH, NVD, ...
CVE-2014-9803
CVE-2014-9803 affects the Linux kernel and Android deployments using affected kernels prior to 3.15-rc5-next-20140519 (notably on Nexus 5X/6P before 2016-07-05). The issue arises in arch/arm64/include/asm/pgtable.h where execute-only pages are mishandled, enabling a local attacker to gain privile...
CVE-2015-8944
CVE-2015-8944 concerns the Linux kernel up to version 4.7 (as used in Android on Nexus 6/7 devices before 2016-08-05). The ioresources_init function in kernel/resource.c uses weak permissions for /proc/iomem, allowing local users to read this file and obtain sensitive information. The description...
CVE-2019-2020
CVE-2019-2020 affects Android devices and is caused by a missing bounds check in llcp_dlc_proc_rr_rnr_pdu within the llcp_dlc.cc module, leading to a possible out-of-bounds read and local information disclosure. Affected releases include Android-7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9.0. The vulnerabi...
CVE-2020-0467
CVE-2020-0467 concerns a logic issue in Vpn.java (onUserStopped) on Android where user preferences could be reset, potentially causing local information disclosure of secure network traffic when not on VPN. Affected platforms include Android 8.1, 9, 10 and 11. Exploitation is described as requiri...
CVE-2021-0329
CVE-2021-0329: In several native functions called by AdvertiseManager.java, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server on Android 8.1–11. Exploitation is possible with local privileges; no user in...
CVE-2021-0477
CVE-2021-0477 describes an elevation-of-privilege vulnerability in Android: in ScreenshotNotificationsController.notifyScreenshotError, an unsafe PendingIntent could allow a local attacker to bypass protection and gain privileges without user interaction. Affected: Android 8.1, 9, 10, 11. Impact ...
CVE-2021-0482
CVE-2021-0482 concerns Android 11’s Media Framework. In BinderDiedCallback within MediaCodec.cpp there is memory corruption due to a use-after-free, enabling local elevation of privilege with no additional execution privileges required and no user interaction needed. The vulnerability is categori...
CVE-2021-0486
CVE-2021-0486 concerns Android 10–11 where, in the PermissionManagerService.java more precisely in onPackageAddedInternal, there is a permissions bypass that allows possible access to external storage. The root cause is a local-elevation-of-privilege path that does not require user interaction. T...
CVE-2021-0582
CVE-2021-0582 is an information-disclosure vulnerability in the Android Wi‑Fi driver caused by a missing bounds check that enables a remote attacker in adjacent network range to read memory without executing code or requiring user interaction. Impact is confidentiality loss (high per CVSS‑3.1) wi...
CVE-2021-0685
CVE-2021-0685 affects Android 11. In ParsedIntentInfo.java, there is a parcel serialization/deserialization mismatch due to unsafe deserialization, enabling local elevation of privilege with no extra execution privileges required. Exploitation requires local access; user interaction is not needed...
CVE-2021-0692
CVE-2021-0692 affects Android (Android-9/10/11) via a flaw in FirstScreenBroadcast.java: sendBroadcastToInstaller can trigger an activity launch through an unsafe PendingIntent, enabling local elevation of privilege with no extra execution privileges required. The issue is described as requiring ...
CVE-2021-0696
CVE-2021-0696 describes a use-after-free race in dllist_remove_node (TBD) leading to local privilege escalation on Android SoC. Connected records corroborate a race condition in dllist_remove_node with local-privilege escalation, affecting Android components (PowerVR-GPU listed in PT-2022-9122) a...
CVE-2021-0891
CVE-2021-0891 affects the PowerVR-GPU driver in Android. An unprivileged app can trigger the driver to return uninitialized heap memory, enabling information disclosure. Exploitation is possible without privileges or user interaction over network. The issue is mapped in Android’s 2022-08-01/08-05...
CVE-2021-39657
CVE-2021-39657 concerns an out-of-bounds read in the Android kernel’s ufshcd_eh_device_reset_handler (ufshcd.c). The issue enables local information disclosure with System privileges required, and does not require user interaction to exploit. The provided connected documents reiterate the same de...
CVE-2021-39716
CVE-2021-39716 is present in multiple feeds. The Pixel Update Bulletin categorizes it under Modem with type ID and Moderate severity, indicating a Modem-related issue in Pixel devices; remediation is via Google’s 2022-03-05 patch level. However, the NVD entry lists the affected component as Andro...