8153 matches found
CVE-2024-20140
CVE-2024-20140 concerns MediaTek power module code with a missing bounds check, causing an out-of-bounds write. This can enable local escalation of privilege to System level without user interaction, as described across NVD/Red Hat/OSV/NCSC and related advisories. The root cause is an out-of-boun...
CVE-2024-20143
CVE-2024-20143 affects V6 DA with an out-of-bounds write caused by a missing bounds check. The issue could allow local escalation of privilege on devices with physical access and requires user interaction to exploit. Patch ALPS09167056 (MSV-2069) is available. Red Hat and OSV entries corroborate ...
CVE-2024-23711
CVE-2024-23711 describes a logic error in DevmemXIntUnreserveRange within devicemem_server.c that enables arbitrary code execution and local kernel privilege escalation without extra privileges or user interaction. Multiple sources (NVD, Red Hat, OSV) corroborate the same root cause. Impact is hi...
CVE-2024-27233
CVE-2024-27233 affects the ppcfw_init_secpolicy function in ppcfw.c, describing a possible permission bypass caused by uninitialized data that could enable local privilege escalation with no extra privileges and no user interaction. Connected sources (Red Hat, NVD, PRION, CVE listings) corroborat...
CVE-2024-31311
CVE-2024-31311 affects Google Android; the flaw is an out-of-bounds write in the function increment_annotation_count within stats_event.c, caused by a missing bounds check. This can enable local elevation of privilege with no additional execution privileges and without user interaction. Affected ...
CVE-2024-34733
CVE-2024-34733 involves DevmemXIntMapPages in devicemem_server.c, with an integer overflow that could enable arbitrary code execution and local kernel-level privilege escalation. Exploitation is described as requiring local access with no user interaction. The Red Hat entry confirms the same desc...
CVE-2024-34734
CVE-2024-34734 describes an Elevation of Privilege in Android related to FooterActionsViewModel.kt (onForegroundServiceButtonClicked): an insecure default value could allow disabling the active VPN from the lockscreen with local impact and no user interaction. The vulnerability is tracked in mult...
CVE-2014-9922
CVE-2014-9922 affects the Linux kernel’s eCryptfs subsystem, where the combination of eCryptfs and an overlayfs stack can let a local user gain privileges. The issue is triggered by a vulnerability in fs/ecryptfs/main.c and fs/overlayfs/super.c, with impact described as local privilege escalation...
CVE-2020-0377
CVE-2020-0377 targets Android Bluetooth stack: in gatt_process_read_by_type_rsp of gatt_cl.cc, a missing bounds check allows an out-of-bounds read, enabling remote information disclosure on Bluetooth servers without extra privileges. Affected: Android 8.0–11 (Android-8.0, 8.1, 9, 10, 11) per the ...
CVE-2021-0431
CVE-2021-0431 : A vulnerability in Android’s Bluetooth AVRCP API (avrc_api.cc) enables an out-of-bounds read in avrc_msg_cback due to a missing bounds check. This could allow a remote attacker controlling a paired device to disclose memory contents without executing code or requiring user interac...
CVE-2021-0436
CVE-2021-0436: In CryptoPlugin::decrypt (CryptoPlugin.cpp) on Android, there is a possible out-of-bounds read caused by integer overflow, potentially leading to local information disclosure without extra privileges. Affected: Android devices (Android-8.1, 9, 10, 11). Impact is information disclos...
CVE-2021-0523
CVE-2021-0523 affects Android (notably Android-10/Android-11) via a tapjacking/overlay fault in WifiScanModeActivity.java that could enable Wi‑Fi scanning without consent, leading to local elevation of privilege with user execution required. Documents confirm the root cause (overlay/tapjacking in...
CVE-2021-0699
Summary (CVE-2021-0699) An out-of-bounds write in HTBLogKM of TBD can lead to local kernel privilege escalation with no user interaction required. Connected sources indicate this vulnerability affects Imagination Technologies’ PowerVR-GPU components (PowerVR-GPU CVE-2021-0699) and is rated High s...
CVE-2021-39719
CVE-2021-39719 affects the Android kernel, specifically the lwis subsystem (lwis_top_register_io in lwis_device_top.c). The issue is described as a possible out-of-bounds write caused by an integer overflow, leading to local elevation of privilege with System execution privileges required. User i...
CVE-2021-39727
CVE-2021-39727 describes an information-disclosure vulnerability in Android’s acropora/app/identity/libeic/EicPresentation.c, caused by a race condition in the function eicPresentationRetrieveEntryValue . The issue can enable local information disclosure with System-level privileges and does not ...
CVE-2022-20436
CVE-2022-20436 is an elevation-of-privilege vulnerability in Android involving an unauthorized service in the system service, where a component lacks permission checks, enabling Local EoP. The core issue is described across multiple sources as an Android/UNISOC Android component vulnerability aff...
CVE-2022-20438
CVE-2022-20438 affects the Android Messaging component. The issue is an unauthorized broadcast in Messaging that can cause a Local Denial of Service. According to the CVE entry, the vulnerability is exploitable with local access (attack vector: LOCAL), requires low privileges, and does not requir...
CVE-2022-26471
CVE-2022-26471 affects MediaTek telephony components. The root cause is a package/parcel format mismatch that enables local privilege escalation with no additional execution privileges or user interaction required. The NVD entry reports a CVSS v3.1 base score of 7.8 (High) with LOCAL attack vecto...
CVE-2022-32599
In CVE-2022-32599, a logic error in MediaTek’s rpmb component could cause an out-of-bounds write, leading to local escalation of privilege with System execution privileges required. The issue is described as a local, non-user-interaction vulnerability with a high-impact potential (confidentiality...
CVE-2022-32601
CVE-2022-32601 is a MediaTek telephony vulnerability caused by a parcel format mismatch that enables local escalation of privilege with no extra execution privileges required. Exploitation is described as local (AV:L, AC:L, PR:L) with no user interaction, and the impact is elevated privileges to ...
CVE-2022-39133
CVE-2022-39133 is described as a missing bounds check in the wlan driver, which could cause a local denial of service in wlan services. The NVD entry lists a CVSSv3.1 base score of 5.5 (Medium), with LOCAL attack vector, LOW attack complexity, LOW privileges required, no user interaction, and an ...
CVE-2023-20656
CVE-2023-20656 affects MediaTek geniezone: a logic error enables an out-of-bounds write that could allow local escalation of privilege with System privileges required. Public details in the sources indicate no user interaction is necessary. The issue is tracked with ALPS07571494 (Patch ID) and is...
CVE-2023-40083
CVE-2023-40083 describes an out-of-bounds read in the Android utility function parse_gap_data (utils.cc). The underlying issue is a missing bounds check, enabling potential local information disclosure. Exploitation requires user privileges but does not require user interaction. Public references...
CVE-2023-48409
Summary: CVE-2023-48409 affects the Mali KBase GPU kernel module on Google Pixel devices. The vulnerability is described as a possible out-of-bounds write triggered by an integer overflow in the function gpu_pixel_handle_buffer_liveness_update_ioctl within private/google-modules/gpu/mali_kbase/ma...
CVE-2024-20057
CVE-2024-20057 is a MediaTek keyInstall vulnerability caused by a missing bounds check that enables an out-of-bounds write, potentially leading to local privilege escalation with SYSTEM privileges. Exploitation is reported as not requiring user interaction. The issue is associated with MediaTek r...
CVE-2024-27221
CVE-2024-27221 describes an out-of-bounds write in the update_policy_data function caused by a missing bounds check, enabling local elevation of privilege without user interaction. Public references in the connected documents point to Google Pixel as affected, with the issue categorized as EoP an...
CVE-2024-27226
CVE-2024-27226 describes an out-of-bounds write in tmu_config_gov_params, caused by a missing bounds check. The vulnerability allows local privilege escalation with no additional privileges or user interaction required. Public references/entries across multiple sources (NVD, Red Hat, CVE list, OS...
CVE-2024-27237
CVE-2024-27237 involves a logic error in wipe_ns_memory() within nsmemwipe.c that can cause an incorrect size calculation. This flaw permits local information disclosure without requiring elevated privileges or user interaction. The vulnerability is described across multiple sources (NVD/Red Hat/...
CVE-2024-29757
The CVE-2024-29757 vulnerability is an Elevation of Privilege issue in Google Android Pixel firmware, caused by whitelisting of debugging certificates. Affected component (Pixel Companion) can bypass certain permissions, enabling local escalation of privilege without additional execution privileg...
CVE-2024-40660
CVE-2024-40660 concerns Android’s SurfaceFlinger.cpp: setTransactionState contains a logic error that can change protected display attributes. The vulnerability enables local escalation of privilege with no extra execution privileges required and no user interaction needed. Evidence across source...
CVE-2014-9900
CVE-2014-9900 affects the Linux kernel (ethtool_get_wol in net/core/ethtool.c) up to version 4.7. It can leak kernel memory due to uninitialized data, enabling local information disclosure. Reported impact seen on Android devices (Nexus 5/2013 era) with Android before 2016-08-05. Public advisorie...
CVE-2019-1990
CVE-2019-1990 affects Android’s Media framework, specifically the ihevcd_fmt_conv_420sp_to_420p path in ihevcd_fmt_conv.c. The issue is an out-of-bounds write caused by a missing bounds check, enabling remote code execution with user interaction required. Affected Android versions: 7.0–9.0. The v...
CVE-2019-2004
CVE-2019-2004 describes an information-disclosure flaw in Android’s framework via InputTransport.cpp (in publishKeyEvent, publishMotionEvent, and sendUnchainedFinishedSignal) caused by uninitialized data. The issue enables local information disclosure without user interaction and affects Android ...
CVE-2019-2006
CVE-2019-2006 affects Android 9 where a memory corruption via use-after-free in the HalDeathHandlerHidl.cpp serviceDied can lead to local escalation of privilege in the audio server. Exploitation requires no user interaction; privileges required are NONE. The issue is categorized as Elevation of ...
CVE-2020-0016
CVE-2020-0016 concerns Broadcom Nexus firmware where an insecure default password in the Broadcom middleware could permit local escalation of privilege in the kernel without user interaction. Affected context is tied to Android devices/SoCs using this firmware; exploitation is described as local,...
CVE-2020-0393
CVE-2020-0393 affects Android during 9–11 in the Media Framework: decrypt and decrypt_1_2 in CryptoPlugin.cpp allow an out-of-bounds read due to a missing bounds check, enabling local information disclosure without user interaction. The issue is documented in multiple sources (NVD/NVD CVSS detail...
CVE-2020-0395
CVE-2020-0395 affects Google/Android platforms (Android 8.0–11) in the EmergencyCallbackModeService.showNotification path. The root cause is an unsafe PendingIntent that enables a possible permission bypass, leading to local information disclosure under user privileges without user interaction. A...
CVE-2020-0407
The CVE-2020-0407 entry concerns Android kernel/F2FS encryption where hardware that supports only 32-bit IVs leads to truncation to 32 bits for 64-bit IVs in certain implementations. This IV truncation can cause IV reuse, weakening disk encryption and potentially enabling local information disclo...
CVE-2021-0335
CVE-2021-0335 affects Google's Android 11 Media Framework. The vulnerability arises from an out-of-bounds write in C2SoftHevcDec.cpp caused by a use-after-free, enabling remote information disclosure without additional execution privileges. Exploitation requires user interaction. The issue is doc...
CVE-2021-0395
CVE-2021-0395 affects Android 11 in StopServicesAndLogViolations (reboot.cpp): memory corruption via use-after-free, enabling local privilege escalation with no additional execution privileges and no user interaction. Exploitation status not detailed in the provided documents. The issue is addres...
CVE-2021-0446
CVE-2021-0446 affects Android 11, specifically the ImportVCardActivity. The vulnerability allows bypassing user consent via a tapjacking/overlay attack, enabling local escalation of privilege with user-execution privileges needed. The exploit requires user interaction. Root cause is an overlay-ba...
CVE-2021-0466
CVE-2021-0466 is an Android 10 information-disclosure vulnerability. It resides in startIpClient of ClientModeImpl.java and could expose a device identifier to a proximal attacker without remote code execution or user interaction. The Red Hat and NVD entries confirm the issue affects Android 10 a...
CVE-2021-0467
CVE-2021-0467 affects Chromecast bootROM with an out-of-bounds write caused by an incorrect bounds check. This allows local escalation of privilege in the bootloader with physical USB access and no user interaction. The Android bulletin notes fixes at 2021-05-01/2021-05-05 patch levels; no exploi...
CVE-2021-0650
CVE-2021-0650 : In WT_InterpolateNoLoop of eas_wtengine.c, an incorrect bounds check allows an out-of-bounds read, potentially enabling remote information disclosure without extra privileges. Affected: Android 9–11 (as listed). Exploitation requires user interaction. No exploit details provided; ...
CVE-2021-0799
CVE-2021-0799 affects Android 12. In ActivityThread.java, there is a reported vulnerability allowing collision of the content provider’s authorities, enabling local elevation of privilege with no extra execution privileges required. Impact is described as local privilege escalation; exploitation ...
CVE-2021-0879
CVE-2021-0879 involves the PVRSRVBridgeRGXTDMSubmitTransfer path of the PowerVR kernel driver. A missing size check enables a potential integer overflow, leading to out-of-bounds heap access. This could allow local escalation of privilege without additional execution privileges and without user i...
CVE-2021-0945
CVE-2021-0945 concerns the PowerVR kernel driver (Imagination Technologies) where a missing bounds check in PMRCreate can overwrite heap memory via PhysmemNewRamBackedPMR. This vulnerability could enable local escalation of privilege with no extra execution privileges required and no user interac...
CVE-2022-20158
CVE-2022-20158 affects the Android kernel in the backing-dev.c component (bdi_put and bdi_unregister). The issue is a use-after-free leading to memory corruption, with the documented impact of local privilege escalation to SYSTEM level. Exploitation is described as local (AV:L, UI:N) with no user...
CVE-2022-23728
CVE-2022-23728 concerns an LG smartphone vulnerability where an attacker can reset the device using AT Command during the reboot process (LG ID LVE-SMP-210011). The CVSSv3.1 vector indicates physical access, low complexity, no privileges required, and no user interaction, with impact on integrity...
CVE-2022-26472
The CVE-2022-26472 entry describes a local elevation of privilege in MediaTek IMS due to a parcel format mismatch. Affected component: ims on MediaTek chips; root cause: parcel format mismatch enabling local EoP with no user interaction and no additional execution privileges required (per the ini...