8153 matches found
CVE-2021-0504
CVE-2021-0504 describes an out-of-bounds read in the Bluetooth AVRCP parser (avrc_pars_browse_rsp in avrc_pars_ct.cc) due to a missing bounds check. This could enable remote information disclosure on Android 11 devices without additional execution privileges and with no user interaction (attack v...
CVE-2021-0921
CVE-2021-0921 is a Android 11 elevation-of-privilege issue in ParsingPackageImpl.java caused by an input validation mismatch during parcel serialization/deserialization. The vulnerability enables local attackers to gain additional privileges with no user interaction required. Multiple connected s...
CVE-2021-0927
CVE-2021-0927 describes a local elevation-of-privilege in Android’s TvInputManagerService, triggered by a logic error in requestChannelBrowsable. The vulnerability affects Android 8.1, 9, 10, 11 and 12 and could allow a local attacker to bypass permissions with no user interaction. Public documen...
CVE-2021-39688
The CVE-2021-39688 entry concerns the Android kernel, with an out-of-bounds read vulnerability that could allow local information disclosure without requiring additional privileges and without user interaction. The affected area is described as Android kernel components, affecting Android-based d...
CVE-2021-39749
CVE-2021-39749 affects Android 12L WindowManager; it allows starting non-exported/protected activities due to a missing permission check, enabling local privilege escalation with no additional privileges and no user interaction. A PoC demonstrates cross-app activity startup via TaskFragment/Choos...
CVE-2021-39806
CVE-2021-39806 affects Android 12L, with a memory corruption risk due to a double free in closef of label_backends_android.c. The issue could enable local escalation of privilege during servicemanager startup if an initialization failure is triggered, with no additional execution privileges requi...
CVE-2022-20205
CVE-2022-20205 describes an information-disclosure issue in Android where isFileUri in FileUtil.java may bypass the file:// scheme check due to improper input validation. The vulnerability allows local information disclosure without extra privileges, with exploitation not requiring user interacti...
CVE-2022-20389
CVE-2022-20389 is tied to Android SoC/Unisoc components. The connected documents specify affected areas as Android SoC and Unisoc Android components, with a high severity rating (CVE-2022-20389) and no publicly disclosed exploit details in the provided sources. There are no vendor/product version...
CVE-2022-20586
CVE-2022-20586 describes an elevation of privilege in the Android kernel due to improper input validation in the function valid_out_of_special_sec_dram_addr within drm_access_control.c. The vulnerability could allow local escalation of privilege without any additional execution privileges, with a...
CVE-2022-44426
CVE-2022-44426 describes a local denial-of-service condition due to a missing bounds check in the WLAN driver. The primary impact is local DoS in WLAN services; exploitation details are not provided in the sources. CVSSv3.1 metrics from the NVD indicate a base score of 5.5 (Medium) with LOCAL acc...
CVE-2023-20698
CVE-2023-20698 affects MediaTek "keyinstall" with an out-of-bounds read caused by a missing bounds check. Impact is local information disclosure with system privileges needed; no user interaction. Patch ALPS07589144 addresses the issue. Connected sources consistently reference keyinstall across m...
CVE-2023-21162
CVE-2023-21162 affects the PowerVR GPU driver (Imagination Technologies) via RGXUnbackingZSBuffer in rgxta3d.c. The issue is a use-after-free that could enable arbitrary code execution and local kernel privilege escalation without extra interaction. Public exploitation details aren’t provided in ...
CVE-2023-32836
The CVE-2023-32836 entry relates to MediaTek ALPS08126725 affecting the display component. The root cause is an integer overflow leading to an out-of-bounds write, enabling local escalation of privilege with System privileges required; no user interaction is needed. Patch ALPS08126725 is referenc...
CVE-2024-20100
CVE-2024-20100 concerns a possible out-of-bounds write in the MediaTek wlan driver, caused by improper input validation. The issue could allow remote code execution with no privileges or user interaction required. Connected sources consistently identify the affected component as the MediaTek WLAN...
CVE-2024-39432
CVE-2024-39432 affects Unisoc UMTS RLC driver; root cause is a missing bounds check causing an out-of-bounds read. According to Red Hat and NVD entries, this can lead to remote DoS with system privileges. PT-2024-9414 adds that exploitation could enable remote code execution and full system compr...
CVE-2024-43085
The CVE-2024-43085 entry concerns Android’s UsbDeviceManager.java: In handleMessage a logic error could allow local privilege escalation by reading device contents over USB without unlocking, with no user interaction required. Affected component is the Android USB subsystem; impact is local eleva...
CVE-2014-7914
The CVE-2014-7914 entry concerns the Android Bluetooth stack (btif_dm.c) prior to version 5.1. The root cause is improper enforcement of the temporary nature of Bluetooth pairing, which can be bypassed by an attacker via crafted Bluetooth packets after a user taps a crafted NFC tag. Documented im...
CVE-2019-2005
CVE-2019-2005 affects Android 8.0–9, where in onPermissionGrantResult of GrantPermissionsActivity.java a missing permission check can lead to a local elevation of privilege on a locked device. Exploitation requires user interaction; no additional execution privileges are needed. NVD lists CVSSv3 ...
CVE-2020-0019
CVE-2020-0019 affects Broadcom Nexus firmware in Android SoCs, where an insecure default password may allow local information disclosure in the kernel without extra privileges or user interaction. Exploitation is local; impact is confidentiality loss as described by CVSS metrics. The available do...
CVE-2020-0096
CVE-2020-0096 is an Android local privilege-escalation (StrandHogg 2.0) rooted in startActivities of ActivityStartController.java. The flaw allows a confused deputy to execute code with a privileged context on Android 8.0–9.0, with no user interaction required. Affected products/versions are Andr...
CVE-2020-0251
CVE-2020-0251 : An out-of-bounds read due to an incorrect bounds check in the Android Multimedia Processing Driver (Android SoC). Per the CVE entry, it is rated HIGH (CVSS v3.1 base 7.5). Connected documents corroborate the component as the Multimedia Processing Driver in Android; no exploitation...
CVE-2020-0294
CVE-2020-0294 affects Android; in WallpaperManagerService.bindWallpaperComponentLocked there is a permission bypass caused by an unsafe PendingIntent. The issue allows local elevation of privilege with user privileges required, and does not require user interaction. Affected Android versions incl...
CVE-2020-0386
CVE-2020-0386 concerns an Elevation of Privilege in Android related to a tapjacking risk in RequestPermissionActivity.java. The issue arises in onCreate where an insecure default value could enable a local attacker to manipulate Bluetooth discoverability, requiring user interaction for exploitati...
CVE-2020-0441
CVE-2020-0441 affects Android framework’s Notification.java (Message and toBundle) where improper input validation can cause resource exhaustion and remote DoS without user interaction. Affected: Android 8.0–11 (Android-8.0, -8.1, -9, -10, -11). Impact: denial of service requiring device reset as...
CVE-2020-0457
CVE-2020-0457 is an out-of-bounds write due to a missing bounds check affecting Android devices, with a specific association to MediaTek components (vcu) in the 2020 Android security bulletin set. Connected sources indicate the issue is documented across NVD, Red Hat, CVE records, and OSV entries...
CVE-2021-0471
CVE-2021-0471 : In Android, the decrypt_1_2 function in CryptoPlugin.cpp can trigger an out-of-bounds read due to an integer overflow, leading to local information disclosure without extra privileges or user interaction. Affected: Android 8.1, 9, 10, 11. No public details in the connected docs sp...
CVE-2021-0686
CVE-2021-0686 affects Android 10/11 and involves RoleManagerService.getDefaultSmsPackage. A missing permission check could allow a local attacker to disclose information about the default SMS app for a different device user without user interaction. The vulnerability enables local information dis...
CVE-2021-0881
CVE-2021-0881 describes an integer overflow in the PowerVR kernel driver component PVRSRVBridgeRGXKickCDM that occurs due to a missing size check. This can enable out-of-bounds heap access and lead to local escalation of privilege without extra execution privileges or user interaction. The vulner...
CVE-2021-0932
CVE-2021-0932 affects Android 10 via an unsafe PendingIntent in showNotification (NavigationModeController.java), enabling a possible confused deputy and local elevation of privilege with actions executed as the System UI, without user interaction. Public details consistently reference the same r...
CVE-2021-39656
CVE-2021-39656 affects the Linux kernel used by Android. A use-after-free in __configfs_open_file (file.c) arises from improper locking, enabling local privilege escalation with kernel execution privileges; no user interaction is required. The vulnerability is documented in upstream kernel refere...
CVE-2021-39687
Summary: CVE-2021-39687 affects Android kernel code in the driver path, specifically the HandleTransactionIoEvent in the actuator_driver.cc. The issue is a possible out-of-bounds read caused by a heap buffer overflow, which can lead to a local information disclosure without requiring user interac...
CVE-2022-21743
CVE-2022-21743 affects the component referenced as ion , where an integer overflow can trigger a use-after-free vulnerability. This leads to potential local privilege escalation without requiring additional execution privileges or user interaction (per the provided descriptions). The issue is doc...
CVE-2022-39132
CVE-2022-39132 describes a probable out-of-bounds write in the kernel camera driver caused by a missing bounds check, enabling a local denial of service. The affected component is the camera driver; the root cause is an unchecked input/buffer access leading to memory write beyond bounds. The impa...
CVE-2022-42770
CVE-2022-42770 describes a race condition in the WLAN driver that could cause a local denial of service. The vulnerability is referenced across multiple advisories (e.g., Red Hat CVE entry, NVD entry, and Unisoc/kernel listings) and is labeled with a MEDIUM severity (CVSSv3.1: 4.7; LOCAL access, ...
CVE-2022-48455
CVE-2022-48455 is a local vulnerability described as a possible out-of-bounds write in the wifi service due to a missing bounds check, leading to local denial of service without extra privileges. The primary sources (NVD/NVD-derived entries) show a CVSS v3.1 base score of 5.5 (Medium) with Local ...
CVE-2023-20697
CVE-2023-20697 affects MediaTek devices via the keyinstall module, due to a missing bounds check that enables an out-of-bounds read. This can lead to local information disclosure with System privileges required; exploitation does not require user interaction. The patch referenced is ALPS07589148 ...
CVE-2023-21215
CVE-2023-21215 relates to a race condition in the PowerVR GPU driver (DevmemIntAcquireRemoteCtx in devicemem_server.c) that can allow arbitrary code execution and local kernel privilege escalation without user interaction. The available connected records confirm the vulnerability and its impact b...
CVE-2023-32835
CVE-2023-32835 affects MediaTek devices, specifically the keyinstall module. The issue is a memory corruption due to a type confusion vulnerability, leading to local elevation of privilege with System execution privileges needed. Exploitation requires no user interaction per the initial descripti...
CVE-2024-27205
CVE-2024-27205 describes memory corruption due to a use-after-free, leading to local escalation of privilege with no user interaction. The available documents indicate a HIGH-severity, LOCAL-exploitation scenario with no exploitation prerequisites; no specific affected product/version or fix is p...
CVE-2024-27230
The vulnerability CVE-2024-27230 affects ProtocolPsKeepAliveStatusAdapter::getCode() in protocolpsadapter.cpp, with a missing bounds check causing an out-of-bounds read that could disclosures local information and requires baseband firmware compromise. Exploitation status is not detailed in the p...
CVE-2024-40652
The CVE-2024-40652 entry describes an elevation-of-privilege issue in Android’s SettingsHomepageActivity onCreate, where a missing permission check could allow provisioning-phase access to the Settings app. This enables local privilege escalation with UI interaction required for exploitation. Pub...
CVE-2024-40657
CVE-2024-40657 affects the Android Framework, specifically the AccountTypePreferenceLoader.addPreferencesForType path. The issue can enable a confused deputy to disable apps for other users, causing local elevation of privilege with no extra execution privileges required and no user interaction n...
CVE-2024-40661
CVE-2024-40661 affects Android’s mayAdminGrantPermission in AdminRestrictedPermissionsUtils.java, enabling access to the microphone and leading to local elevation of privilege with no extra execution privileges required. Exploitation is local and does not require user interaction. Android bulleti...
CVE-2024-43090
CVE-2024-43090 affects the Android Framework component, describing a cross-user image read caused by a missing permission check. This leads to local information disclosure with user privileges required, as noted in multiple sources (Android OS CVE entry and related bulletins). The Android securit...
CVE-2025-48581
CVE-2025-48581 corresponds to a logic error in the Android system component apexd.cpp, within the VerifyNoOverlapInSessions function, that can block security updates. The impact is local privilege escalation with no additional execution privileges required and no user interaction needed for explo...
CVE-2020-0450
CVE-2020-0450 affects Android via rw_i93_sm_format in rw_i93.cc, where an out-of-bounds read can arise from uninitialized data. This could enable remote information disclosure over NFC with no additional execution privileges; exploitation requires user interaction. Affected Android versions inclu...
CVE-2021-0394
CVE-2021-0394 is an out-of-bounds read in android_os_Parcel_readString8 caused by a missing bounds check, enabling local information disclosure without extra privileges. Affected: Android 11, 10, 9, 8.1; exploitation is local and does not require user interaction. Mitigation per the Android Secur...
CVE-2021-0400
CVE-2021-0400 affects Android 9–11 in GnssLocationProvider.java. In injectBestLocation and handleUpdateLocation, there is improper input validation that could cause the device to report location data to emergency services incorrectly. Exploitation is local (attack vector: LOCAL) with no user inte...
CVE-2021-0439
CVE-2021-0439 affects Android 11 and is tied to a vulnerability in setPowerModeWithHandle in com_android_server_power_PowerManagerService.cpp. The issue is an out-of-bounds write caused by a missing bounds check, enabling local escalation of privilege with no additional execution privileges and w...
CVE-2021-0649
CVE-2021-0649 affects Android 11: In Vpn.java’s stopVpnProfile, there is a permissions bypass leading to a possible VPN profile reset and local elevation of privilege (CONTROL_ALWAYS_ON_VPN) with no user interaction. The issue is classified as a local elevation of privilege; patches are reference...