8153 matches found
CVE-2025-48530
CVE-2025-48530 affects the Android System component. It arises from out-of-bounds access due to incorrect bounds checking in multiple locations, enabling remote code execution with no extra privileges and no user interaction. The issue is characterized as a global Android risk in the System table...
CVE-2025-48595
CVE-2025-48595 is an Android Framework vulnerability involving an integer overflow that could enable code execution and local privilege escalation without user interaction. The Android Security Bulletin (June 2026) lists this CVE under Framework in the 2026-06-01 patch level with an overall high/...
CVE-2017-0785
CVE-2017-0785 is an Android Bluetooth SDP information-disclosure vulnerability in the Bluetooth stack. The SDP server can leak memory/allow an out-of-bounds read by manipulating the SDP continuation state in requests, enabling information disclosure. Affected Android versions include 4.4.4–8.0 (a...
CVE-2025-48543
The CVE-2025-48543 entry describes a use-after-free vulnerability in the Android Runtime (ART) that can escape the Chrome sandbox to attack system_server, enabling local privilege escalation without user interaction. Affected scope per sources includes ART-related code paths in Android 13–16, wit...
CVE-2019-9455
CVE-2019-9455: In the Android kernel video driver, there is a kernel pointer leak caused by a WARN_ON statement, leading to local information disclosure with System execution privileges needed. Local exploitation is possible without user interaction. The connected Nessus advisories corroborate th...
CVE-2025-22429
CVE-2025-22429 affects Android Framework. A logic error in multiple locations could allow local elevation of privilege with no user interaction required. Exploitation status isn’t detailed in the provided documents. Android security bulletin entries associate this CVE with the 2025-04 patch level...
CVE-2025-26455
The CVE-2025-26455 entry describes an out-of-bounds write in NdkMediaCodec.cpp caused by a heap buffer overflow, enabling local privilege escalation with no additional execution privileges and no user interaction required. The connected documents do not provide exploitation details or concrete pa...
CVE-2025-22441
CVE-2025-22441 concerns a Confused Deputy in Android RemoteViews loading path. The vulnerability arises when RemoteViews.mApplication can influence LoadedApk via getContextForResourcesEnsuringCorrectCachedApkPaths, leading to checkAndUpdateApkPaths potentially altering the LoadedApk state and Loa...
CVE-2025-26444
CVE-2025-26444 affects Android’s VoiceInteractionManagerService (onHandleForceStop). A logic error can cause a user-selected assistant to be forcibly stopped, causing the system to revert to the default assistant and locally escalate privileges by granting ROLE_ASSISTANT to the default app with n...
CVE-2025-22419
Android framework vulnerability (CVE-2025-22419) where a tapjacking/overlay attack could mislead a user into enabling malicious phone call forwarding, enabling local privilege escalation with user interaction required. Public details point to patches in the 2025-04-01/04-05 security levels; remed...
CVE-2025-26436
CVE-2025-26436 refers to a BAL bypass in Android’s PendingIntentRecord.clearAllowBgActivityStarts, enabling an application to launch an activity from the background and achieve local elevation of privilege without user interaction. Affected component: Android Framework (PendingIntentRecord.java)....
CVE-2025-22437
CVE-2025-22437 is tied to a logic error in Android’s setMediaButtonReceiver across multiple files, enabling a background process to launch arbitrary activities and cause local privilege escalation without extra execution privileges or user interaction. The vulnerability is categorized as Elevatio...
CVE-2025-26440
CVE-2025-26440 affects Android, stemming from issues in CameraService.cpp that can enable background camera use via a permissions bypass. This allows local elevation of privilege with no extra execution privileges and no user interaction required. Documented across multiple sources (Red Hat, NVD,...
CVE-2024-31317
CVE-2024-31317 is a Zygote command-injection vulnerability affecting Android 9–13, enabling a non-privileged app with WRITE_SECURE_SETTINGS to trigger code execution in the Zygote process via unsafe deserialization and manipulated Zygote arguments (e.g., runtime-flags, hidden_api_blacklist_exempt...
CVE-2024-49728
CVE-2024-49728 affects Android Bluetooth code via generateFileInfo in BluetoothOppSendFileInfo.java, enabling a confused deputy to cause cross-user media disclosure. The issue yields local information disclosure without additional privileges and does not require user interaction to exploit, per t...
CVE-2021-0326
CVE-2021-0326 affects wpa_supplicant (P2P/Wi-Fi Direct) where a missing bounds check in p2p_copy_client_info can cause an out-of-bounds write. The flaw may enable remote code execution or other impacts when a device participates in P2P group info processing and is within radio range; no user inte...
CVE-2023-35657
CVE-2023-35657 affects the Bluetooth stack component bta_av_config_ind in bta_av_aact.cc, where a type confusion can cause an out-of-bounds read leading to local information disclosure without extra privileges or user interaction. Public references indicate this vulnerability is tracked in Androi...
CVE-2025-22422
Technical details for CVE-2025-22422 are not publicly provided in the connected documents. Monitor for updates from referenced sources; current materials describe a logic-error elevation of privilege without detail on affected products or fixes.
CVE-2025-22430
CVE-2025-22430 affects Android framework code where isInSignificantPlace missing a permission check could disclose local information. Impact is information disclosure without extra privileges; exploitation is local and requires no user interaction. Connected sources (Android Security Bulletin ent...
CVE-2025-22434
The CVE-2025-22434 issue affects Android Framework, specifically in handleKeyGestureEvent within PhoneWindowManager.java, enabling local privilege escalation without user interaction due to a logic error. The connected Android Security Bulletin entries assign this CVE to an EoP (High) impact in t...
CVE-2025-26421
CVE-2025-26421 affects the Android platform System component. The issue is a logic error that enables local escalation of privilege via a lock-screen bypass, with no user interaction required. Impact is described as Elevation of Privilege (EoP) on the device. AOSP patches update the System compon...
CVE-2025-26423
CVE-2025-26423 is tied to Android’s WifiConfigurationUtil.java, in the function validateIpConfiguration . The issue arises from a missing bounds check that can be triggered to cause a permanent DoS and potentially enable a local escalation of privilege with no extra privileges required. The CVE d...
CVE-2025-26456
CVE-2025-26456 affects DexUseManagerLocal.java in Android; a logic error can crash the system server, leading to local, permanent denial of service without extra privileges or user interaction. Exploitation / patch details are not provided in the supplied documents; no explicit remediation versio...
CVE-2025-22421
CVE-2025-22421 affects Android; a logic error in ContentDescForNotification (NotificationContentDescription.kt) may leak notification content on the lockscreen. This enables local information disclosure with no user interaction. The issue is documented across multiple sources (NVD/Red Hat/CVE dat...
CVE-2025-22425
CVE-2025-22425 : Android framework issue in InstallStart.java onCreate causing a local elevation of privilege due to improper input validation. The vulnerability enables a permissions bypass with only local access and requires user interaction to exploit. Exploitation context is supported by mult...
CVE-2023-21108
CVE-2023-21108 affects Android 11–13 via the Bluetooth SDP discovery path: in sdpu_build_uuid_seq of sdp_discovery.cc, an out-of-bounds write caused by a use-after-free can lead to remote code execution if Hands Free Profile (HFP) is enabled. No user interaction is required. The vulnerability is ...
CVE-2025-26429
CVE-2025-26429 is an Android vulnerability where the collectOps path in AppOpsService.java allows a local DoS due to improper input validation. Exploitation is local with no user interaction and no extra privileges required. The connected advisories reference Android security bulletins and vendor...
CVE-2020-0427
CVE-2020-0427 is confirmed in the connected documents as an Android kernel issue affecting the pinctrl subsystem (core.c). The vulnerability arises in create_pinctrl, where an out-of-bounds read can occur due to a use-after-free, potentially allowing local information disclosure without extra exe...
CVE-2022-22292
CVE-2022-22292 affects Samsung Telecom dynamic receiver functionality; an unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted apps to launch arbitrary activity. CVSSv3.1 basis: LOCAL, LOW privileges, HIGH impact on confidentiality/integrity, and HIGH impact on...
CVE-2025-22428
The CVE describes a logic error in AppInfoBase.java hasInteractAcrossUsersFullPermission that could allow granting permissions to a secondary user from the primary user, enabling local privilege escalation without user interaction. Affected component: Android framework/AppInfoBase.java. Impact: l...
CVE-2025-22433
CVE-2025-22433 affects Android Framework: a logic error in canForward() of IntentForwarderActivity.java may bypass the cross-profile intent filter used in Work Profiles, enabling local privilege escalation without extra privileges or user interaction. Documents cite affected component and impact;...
CVE-2025-26435
CVE-2025-26435 affects ContentProtectionTogglePreferenceController.java and is due to a logic error in updateState that could allow a secondary user to disable the primary user's app scanning setting, enabling local privilege escalation without additional privileges or user interaction. The entry...
CVE-2025-22439
CVE-2025-22439 involves a vulnerability in Android’s ActionHandler.java: in onLastAccessedStackLoaded, a missing permission check could bypass storage restrictions across apps, enabling local elevation of privilege with user interaction required. Exploitation details and risk are described across...
CVE-2025-32312
CVE-2025-32312 affects Android’s PackageParser.java, specifically the function createIntentsList. Root cause: unsafe deserialization that bypasses lazy bundle hardening, allowing modified data to flow to the next process. Impact: local privilege escalation with no additional privileges required; ...
CVE-2025-26416
The CVE-2025-26416 issue affects SkBmpStandardCodec.cpp in the initializeSwizzler path, described as a heap buffer overflow that causes an out-of-bounds write. The practical result is remote elevation of privilege with no additional execution privileges required and without user interaction. Publ...
CVE-2025-0077
CVE-2025-0077 affects Android’s framework with a race condition in multiple functions of UserController.java. The issue is a buffer copy flaw that lacks input size validation, potentially enabling a local elevation of privilege (EoP) without extra execution privileges and without user interaction...
CVE-2025-26437
The CVE-2025-26437 issue is described across multiple sources as a missing privilege check in CredentialManagerServiceStub (CredentialManagerService.java), enabling local information disclosure by retrieving candidate credentials without requiring extra privileges. Exploitation is possible withou...
CVE-2024-49722
CVE-2024-49722 affects the Android component EditUserPhotoController.java, specifically the showAvatarPicker function. The issue is a cross-user image leak (confused deputy) exposing local information without needing user interaction, and without extra execution privileges. The vulnerability is d...
CVE-2025-26427
CVE-2025-26427 affects Google Android Framework; a path traversal error in multiple locations can grant local escalation of privilege. Exploitation requires user interaction, with no additional execution privileges needed. According to the Android bulletin, this issue is addressed in patch levels...
CVE-2025-26428
CVE-2025-26428 affects Android’s LockTaskController.java, specifically startLockTaskMode. A logic error can enable a lock screen bypass, causing elevation of privilege with no extra execution privileges, requiring user interaction to exploit. The issue is reported across multiple feeds (Red Hat, ...
CVE-2025-26452
CVE-2025-26452 affects Android Framework via the ResourcesImpl.java: loadDrawableForCookie path, where a confused deputy may allow an app’s task snapshots to be accessed, enabling local elevation of privilege without extra execution privileges or user interaction. Public sources (Android bulletin...
CVE-2025-22423
The CVE-2025-22423 entry concerns the dng_ifd.cpp ParseTag function where a missing bounds check can crash the image renderer, enabling remote DoS with no privileges and no user interaction. Connected OSV/Red Hat/Android bulletin records corroborate a bound-check issue in the same function and de...
CVE-2025-26442
The CVE-2025-26442 issue affects Android’s NotificationAccessConfirmationActivity.java (onCreate). Root cause: a logic error in the NLS int ent filter verification leading to information disclosure. Impact: local information disclosure without privilege/UI interaction. Exploitability: LOCAL, with...
CVE-2025-26438
CVE-2025-26438 is a vulnerability in Android Bluetooth SMP authentication due to an incorrect implementation in smp_process_secure_connection_oob_data (smp_act.cc). The issue enables remote elevation of privilege with network access and no user interaction, as described in multiple sources. Conne...
CVE-2025-22418
Technical details about CVE-2025-22418 are not publicly provided in the supplied connected documents. Monitor for updates from official sources.
CVE-2025-26425
The CVE-2025-26425 entry describes a local privilege-escalation issue in Android related to RoleService.java, caused by a logic error that enables permission squatting when android.permission.MANAGE_DEFAULT_APPLICATIONS is not defined. Exploitation is stated to require no user interaction, and th...
CVE-2024-40653
CVE-2024-40653 involves a logic error in ConnectionServiceWrapper.java that can let a permission be retained indefinitely in the background, enabling local elevation of privilege. The issue is described across multiple sources (Android/Red Hat/NVD entries) as requiring user interaction for exploi...
CVE-2024-56189
CVE-2024-56189 describes an out-of-bounds read in SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c due to a missing bounds check. The available sources indicate this could allow remote information disclosure after authentication with no additional execution privileges and no user interaction requi...
CVE-2025-22416
CVE-2025-22416 affects Android’s ChooserActivity.java onCreate, enabling a confused deputy to view other users’ images and cause local privilege escalation without extra privileges or user interaction. Public references note it as an Elevation of Privilege issue (High) in the Android 2025-04 secu...
CVE-2025-22427
CVE-2025-22427 affects Android’s NotificationAccessConfirmationActivity.java. A logic error in onCreate could grant notification access above the lock screen, enabling local escalation of privilege with user interaction required. Impact is high (local, high confidentiality/integrity/availability ...