8153 matches found
CVE-2021-0484
CVE-2021-0484: In readVector of IMediaPlayer.cpp there is a missing bounds check allowing a read of uninitialized heap data, leading to local information disclosure without extra privileges. Affected: Android 8.1, 9, 10, 11. Exploitation does not require user interaction; mitigation in the linked...
CVE-2021-0485
CVE-2021-0485 : In Android 11, the getMinimalSize path in PipBoundsAlgorithm.java allows a permissions bypass that could bypass restrictions on background processes, enabling local escalation of privilege with no additional execution privileges and no user interaction required. The issue is docum...
CVE-2021-0487
CVE-2021-0487 affects Android 11 (Framework) where CalendarDebugActivity.java could export calendar data to SD card via a tapjacking/overlay attack, enabling local elevation of privilege without user interaction. The Android security bulletin notes this under Framework with Updated AOSP versions ...
CVE-2021-0505
CVE-2021-0505 affects Android 11 (Settings) with a missing permission check that could allow disabling an always-on VPN, enabling local elevation of privilege without user interaction. Documents consistently describe a local, low-exploitability EoP risk; no explicit exploit details or fixes are p...
CVE-2021-0573
Summary: CVE-2021-0573 affects the asf extractor on Android (notably MediaTek components). The root cause is an out-of-bounds write due to a missing bounds check, enabling local escalation of privilege with no user interaction. Impact (as stated): local privilege escalation with partial confident...
CVE-2021-0585
CVE-2021-0585 is a documented Android vulnerability affecting Android 8.1–11 where an out-of-bounds write can occur in beginWrite/beginRead of MessageQueueBase.h due to improper input validation. This could enable local escalation of privilege to a system-level context without user interaction. T...
CVE-2021-0590
CVE-2021-0590 affects Android components where in NetworkMonitor.java’s sendNetworkConditionsBroadcast a privileged app could obtain WiFi BSSID/SSID without location permissions due to a missing permission check. The impact is local information disclosure with system-level privileges required; ex...
CVE-2021-0597
CVE-2021-0597 describes an information-disclosure issue in Android where SipService.java’s notifyProfileAdded/notifyProfileRemoved can expose SIP account names due to a missing permission check. The vulnerability enables local information disclosure without extra execution privileges, and exploit...
CVE-2021-0687
Technical details about CVE-2021-0687 are not provided in the connected documents. The available description notes an Android ANR/DoS scenario arising from input validation in Layout.java; no product/version specifics or remediation are included here. Monitor for updates.
CVE-2021-39722
CVE-2021-39722 affects ProtocolStkProactiveCommandAdapter::Init in protocolstkadapter.cpp, with an out-of-bounds read caused by an incorrect bounds check. This could allow local information disclosure and requires system privileges, with no user interaction needed. Connected sources (OSV entry) c...
CVE-2021-39725
CVE-2021-39725 affects the Android kernel component gasket_page_table.c, specifically the function gasket_free_coherent_memory_all. The issue is memory corruption caused by a double free, enabling local escalation of privilege with System-level execution privileges required; exploitation is descr...
CVE-2021-39732
CVE-2021-39732 affects the Android kernel component copy_io_entries in lwis_ioctl.c. It describes an out-of-bounds write caused by an integer overflow, which could enable local privilege escalation without user interaction. The available connected documents confirm the issue’s presence in Android...
CVE-2022-33729
CVE-2022-33729 affects Samsung devices with NFC ConfirmConnectActivity. The issue is an improper restriction of a broadcasting Intent in ConfirmConnectActivity, which leaks the MAC address of the connected Bluetooth device. The vulnerability is associated with NFC prior to SMR Aug-2022 Release 1....
CVE-2022-47331
CVE-2022-47331 concerns a race condition in the wlan driver. Connected document ASB-A-262503737 specifies a function lacking parameter checks that leads to an out-of-bounds write, which is tied to the same CVE entry and supports a local DoS impact via wlan services. Other connected entries reiter...
CVE-2023-20699
CVE-2023-20699 describes an out-of-bounds write in the MediaTek adsp module (affecting MediaTek-based devices) caused by a missing bounds check. Impact per sources: local escalation of privilege with System execution privileges required, no user interaction needed. Patch reference: ALPS07696073 (...
CVE-2023-21239
CVE-2023-21239 is in the Android Framework (Notification.java, visitUris) and enables local information disclosure via a confused deputy, leaking image data across user boundaries with no extra privileges and no user interaction required. Public details describe the root cause and affected AOSP v...
CVE-2023-3781
CVE-2023-3781 describes a use-after-free write from improper locking in a kernel component, enabling local elevation of privilege without user interaction. The threat is local access required (attack vector LOCAL) with a high impact on confidentiality, integrity, and availability as per CVSS. The...
CVE-2024-20022
CVE-2024-20022 describes a missing bounds check in the lk module that could allow local escalation of privilege to SYSTEM-level execution. The issue is triggered locally (no user interaction required) and is corroborated across multiple connected sources (e.g., Red Hat advisory and other feeds) w...
CVE-2024-20145
CVE-2024-20145 affects MediaTek V6 DA, where a missing bounds check can lead to an out-of-bounds write. The issue enables local escalation of privilege with physical access and user interaction required for exploitation. Patch ALPS09290940 addresses the flaw (MSV-2040).
CVE-2024-27223
The CVE-2024-27223 issue is an information-disclosure vulnerability in the EUTRAN_LCS_DecodeFacilityInformationElement function of LPP_LcsManagement.c, caused by a missing bounds check that enables an out-of-bounds read. The impact is remote information disclosure after authenticating the cell co...
CVE-2020-0242
CVE-2020-0242 describes a use-after-free in the Android media framework due to improper locking in NuPlayerDriver.cpp. The effect is local escalation of privilege in the media server with no additional execution privileges required, and exploitation requires local access (no user interaction). Af...
CVE-2020-0250
CVE-2020-0250 affects Android 10 (Dialed in by CVE entry: In requestCellInfoUpdateInternal of PhoneInterfaceManager.java, a missing permission check allows local information disclosure of location data without extra execution privileges or user interaction). Connected sources confirm details acro...
CVE-2020-0258
CVE-2020-0258 affects Android 10 Framework specifically in AppZygote.java’s stopZygoteLocked path, where insufficient cleanup can lead to local information disclosure by a next-starting application. Exploitation is local and does not require user interaction; no exploit details are provided in th...
CVE-2020-0396
CVE-2020-0396 is a system/component issue in Android Telephony related to an unsafe PendingIntent that can bypass permissions, enabling local information disclosure without user interaction. Affected Android versions include 8.0 (Oreo) through 11, with evidence in NVD and Android Security Bulleti...
CVE-2020-0401
CVE-2020-0401 involves a missing permission check in setInstallerPackageName within PackageManagerService.java, enabling local escalation of privilege and granting spurious permissions without extra execution privileges. Affected: Android 8.0–11. Impact per sources: local privilege escalation wit...
CVE-2021-0328
CVE-2021-0328 describes a Bluetooth vulnerability in Android’s GattService.java where onBatchScanReports and deliverBatchScan fail to perform a required permissions check. This permits retrieval of Bluetooth scan results without the necessary permissions, enabling local escalation of privilege wi...
CVE-2021-0330
CVE-2021-0330 is an Android vulnerability affecting storaged.cpp in the Android framework, where an improper locking leads to a possible use-after-free in add_user_ce and remove_user_ce. This could enable local escalation of privilege in storaged without additional execution privileges or user in...
CVE-2021-0391
CVE-2021-0391 affects Android Open Source Project: the vulnerability resides in the UI flow of ChooseTypeAndAccountActivity (onCreate in ChooseTypeAndAccountActivity.java). It allows learning whether an account exists via a tapjacking/overlay attack, without requiring permissions. Impact: local e...
CVE-2021-0435
CVE-2021-0435 describes a heap data leak in the Android Bluetooth stack: in avrc_proc_vendor_command within avrc_api.cc, uninitialized data can leak heap data, enabling remote information disclosure with no extra privileges and without user interaction. Affected Android versions include Android-1...
CVE-2021-0441
CVE-2021-0441 affects the Android 11 Framework: a permission bypass in onCreate of PermissionActivity.java caused by a confusing UI, enabling local elevation of privilege. The vulnerability targets the Framework component and, per the CVSS data, can require user interaction (UI) for exploitation ...
CVE-2021-0580
CVE-2021-0580 pertains to a vulnerability in the Android WiFi driver (MediaTek component) where a missing bounds check enables an out-of-bounds read, potentially allowing remote information disclosure to a proximal attacker without extra privileges or user interaction. The issue is described as a...
CVE-2021-0644
CVE-2021-0644 concerns an information disclosure in Android 10/11. In SubscriptionController.java, the function conditionalRemoveIdentifiers allows retrieval of a trackable identifier due to a missing permission check, enabling local information disclosure with user privileges. Exploitation requi...
CVE-2021-0672
CVE-2021-0672 describes an information-disclosure flaw in the Android Browser app due to a missing permission check, enabling local data exposure without user interaction. Root cause: permission check omission in the Browser component; impact: local information disclosure; exploitability: local, ...
CVE-2021-0922
CVE-2021-0922 : The Android framework vulnerability resides in PackageManagerService.java, in enforceCrossUserOrProfilePermission, where a missing permission check can bypass INTERACT_ACROSS_PROFILES. This enables local escalation of privilege on Android 11 without user interaction. Documents con...
CVE-2021-0943
CVE-2021-0943 affects Android, with the MMU_MapPages function showing an out-of-bounds write due to improper input validation. This could lead to local escalation of privilege without extra execution privileges, and exploitation requires no user interaction. Sources consistently describe the vuln...
CVE-2021-39814
CVE-2021-39814 affects Android kernel: in ppmp_validate_wsm of drm_fw.c there is an out-of-bounds write caused by an incorrect bounds check, enabling local privilege escalation with System execution privileges required and no user interaction. Documents indicate a local attack with high impact (C...
CVE-2022-20121
CVE-2022-20121 describes an information-disclosure vulnerability in Android related to the USCCDMPlugin/USCCDMService. The root cause is a missing permission check in getNodeValue of USCCDMPlugin.java, enabling local disclosure of ICCID with no extra execution privileges and without user interact...
CVE-2022-20432
CVE-2022-20432 is documented in multiple feeds with concrete technical details: it targets UNISOC components in the Android Telephony stack, where a missing authorization check in a system service leads to Local Elevation of Privilege. The UNISOC entry places the vulnerability under Telephony wit...
CVE-2022-23426
Samsung DeX Home (and DeX for PC) prior to SMR Feb-2022 Release 1 contains a vulnerability that uses PendingIntent to access files with system privileges. This is a local privilege escalation with partial confidentiality/integrity impact per the sources. There are no exploit details provided in t...
CVE-2022-32598
CVE-2022-32598 affects the Widevine component, where an incorrect bounds check can cause an out-of-bounds write. This enables local escalation to SYSTEM privileges with no user interaction required. A patch/mitigation reference is PATCH ID: ALPS07446228 (Issue ALPS07446228); no further product/ve...
CVE-2022-39134
CVE-2022-39134 is described in the sources as a use-after-free vulnerability caused by a race condition in the audio driver, leading to local denial of service in the kernel. Public documents confirm the issue exists and affect kernel/audio pathways, with a CVSS v3.1 score of 4.7 (Medium) reflect...
CVE-2023-20842
CVE-2023-20842 affects MediaTek devices via the core component described as /imgs y s_cmdq/ . The vulnerability is an out-of-bounds write caused by missing valid range checking in imgsys_cmdq, which can enable local privilege escalation with System execution privileges after user interaction. No ...
CVE-2024-25984
The CVE-2024-25984 issue affects Google/Android devices, referencing a heap-buffer overflow in the dumpBatteryDefend path of dump_power.cpp that can trigger an out-of-bounds read and local information disclosure without user interaction or extra privileges. Public sources (Pixel security bulletin...
CVE-2024-31335
The CVE-2024-31335 entry concerns a logic error in DevmemIntChangeSparse2 within devicemem_server.c that can enable arbitrary code execution with local privilege elevation in the kernel. Connected sources indicate affected components include Android’s kernel-related stack and PowerVR-GPU subcompo...
CVE-2024-34738
CVE-2024-34738 affects Android’s Framework via AppOpsService.java, enabling unprivileged apps to read their own restrictRead app-op states because of a logic error. This can lead to local elevation of privilege with no extra execution privileges or user interaction required. Connected sources cor...
CVE-2024-43084
CVE-2024-43084 is a Google Android information-disclosure flaw described across multiple sources as a confused-deputy in visitUris. Affected area is listed under Android security data with an information disclosure (ID) or library/Framework contexts, enabling local access to sensitive data withou...
CVE-2024-44093
CVE-2024-44093 describes a memory corruption vulnerability in the function ppmp_unprotect_buf within drm/code/drm_fw.c. Exploitation could enable local privilege escalation without additional execution privileges or user interaction. The issue is referenced across multiple feeds (NVD, Red Hat, CV...
CVE-2025-20635
CVE-2025-20635 concerns MediaTek V6 DA with a missing bounds check in the DA module, enabling a possible out-of-bounds write and local elevation of privilege if an attacker has physical access to the device. Exploitation requires user interaction; no remote/vector details are provided. The patch ...
CVE-2017-11089
CVE-2017-11089: A buffer overread in nl80211_set_station occurs when a user-space app sends NL80211_ATTR_LOCAL_MESH_POWER_MODE with data smaller than 4 bytes. Affected: Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel. Root cause and exact vendor-specific fixes a...
CVE-2018-9349
CVE-2018-9349 describes an out-of-bounds read in the mv_err_cost function of mcomp.c, leading to denial of service with no additional privileges. Exploitation requires user interaction. The available documents do not specify affected products/versions or a patched release; no concrete remediation...