8153 matches found
CVE-2022-20377
CVE-2022-20377 affects Android’s keymaster_ipc.cpp, enabling an attacker to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This configuration flaw can lead to local elevation of privilege with no additional execution privileges required and without user interaction. Public r...
CVE-2022-20569
CVE-2022-20569 affects the Android kernel, specifically the thermal cooling device stats update path in the thermal_sysfs.c driver. The issue is described as an out-of-bounds write caused by improper input validation in the function thermal_cooling_device_stats_update, which could lead to local e...
CVE-2022-42542
CVE-2022-42542 affects Android 13 via the phNxpNciHal_core_initialized function in phNxpNciHal.cc, where a missing bounds check allows an out-of-bounds write that could enable local escalation of privilege with System execution privileges. Exploitation status is not detailed in the provided docum...
CVE-2022-48392
CVE-2022-48392 affects Unisoc chipsets via the Android dialer service, where a missing permission check can enable local escalation of privilege without requiring extra execution privileges. The CVSS v3.1 vector is LV, LO, PRL, UI N, S U, C H, I H, A H, with a base score of 7.8 (HIGH). Affected i...
CVE-2022-48461
CVE-2022-48461 concerns a vulnerability in the sensor driver where a missing bounds check can cause an out-of-bounds write, leading to local denial of service with System execution privileges. Public sources repeatedly describe the issue as a sensor-driver boundary-check defect in Unisoc/UNISOC-r...
CVE-2023-20849
The CVE-2023-20849 vulnerability is in the imgsys_cmdq component and is caused by missing valid range checking, leading to a use-after-free that can enable local privilege escalation with SYSTEM privileges. Exploitation requires user interaction. Affected context references MediaTek-related discl...
CVE-2023-32851
CVE-2023-32851 involves a MediaTek MediaTek decoder vulnerability: an out-of-bounds write caused by a missing bounds check, enabling local escalation of privilege with user interaction required. The issue is tracked with patch ID ALPS08016652 (and Issue ID ALPS08016652); no exploitation details o...
CVE-2023-48402
CVE-2023-48402 refers to a local elevation-of-privilege in the ppcfw_enable function of ppcfw.c due to a missing permission check. Exploitation requires no user interaction and could grant higher privileges on the device. Multiple sources (including Red Hat and NVD entries) corroborate the same d...
CVE-2023-48403
Summary: CVE-2023-48403 describes a possible out-of-bounds read due to a heap buffer overflow in the function sms_DecodeCodedTpMsg of sms_PduCodec.c. This could enable remote information disclosure without user interaction, as exploitation does not require additional privileges. The vulnerability...
CVE-2024-27209
CVE-2024-27209 corresponds to a local elevation-of-privilege issue described as a possible out-of-bounds write caused by a heap buffer overflow. Public sources indicate this vulnerability affects Google Pixel/Android modem components and can be exploited with no user interaction to achieve privil...
CVE-2024-27222
CVE-2024-27222 affects Google Pixel Android components, specifically the FaceEnrollFoldPage.java onSkipButtonClick path. The issue is described as an Intent Redirect GRANT_URI_PERMISSIONS attack that could let a local attacker access a file the app cannot access, enabling local elevation of privi...
CVE-2015-8955
CVE-2015-8955 affects the Linux kernel on arm64 (arch/arm64/kernel/perf_event.c) prior to 4.1. The issue arises from events across multiple HW PMUs being mishandled, allowing local users to gain privileges or trigger a denial of service via an invalid pointer dereference. Impact is limited to loc...
CVE-2019-2016
CVE-2019-2016 affects Android: the issue is in NFA_SendRawFrame within nfa_dm_api.cc, where improper input validation can cause an out-of-bounds write. This can lead to local privilege escalation with no additional privileges required, and exploitation requires user interaction. Affected Android ...
CVE-2020-0228
CVE-2020-0228 affects Android’s Recorder related service, with the root cause described as an improper configuration of that recorder component. Public summaries in the connected documents indicate an information-disclosure risk (evidence includes CNVD/Red Hat listings and NVD metrics) and classi...
CVE-2020-0278
CVE-2020-0278 describes a possible out-of-bounds write due to an incorrect bounds check in Android components (notably ATF) as referenced in the 2020-09 Android bulletin. The NVD entry assigns a high/critical impact with remote network exploitation, no user interaction required. Connected records...
CVE-2021-0884
CVE-2021-0884 concerns the PowerVR kernel driver’s PVRSRVBridgePhysmemImportSparseDmaBuf function. A missing size check enables an integer overflow, which could permit out-of-bounds heap access and local escalation of privilege without additional execution privileges. Exploitation details (vector...
CVE-2021-0948
CVE-2021-0948 affects the PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver. The issue allows returning uninitialized kernel memory to user space, meaning the contents of that memory could disclose sensitive information. Supported by multiple connected sources (NVD/Red Hat/CVE ecosy...
CVE-2022-20045
CVE-2022-20045 describes a vulnerability in Bluetooth where a use-after-free can cause a service crash, enabling local escalation of privilege with no extra execution privileges required and no user interaction. The issue is evidenced across multiple sources (NVD, Red Hat, CVE List). The underlyi...
CVE-2022-20054
The CVE-2022-20054 issue affects the ims service, with a missing permission check enabling a possible AT command injection that could allow local escalation of privilege without additional execution privileges or user interaction. Affected context is MediaTek-based platforms (as per multiple sour...
CVE-2022-20088
The CVE-2022-20088 entry concerns the aee driver, where a reference count handling error may allow local privilege escalation to System level without user interaction. The issue is tied to incorrect error handling that can lead to a reference count mistake. A patch is identified as ALPS06209201 (...
CVE-2022-20146
CVE-2022-20146 affects Android via the information disclosure in the uploadFile function of FileUploadServiceImpl.java, caused by a confused deputy that can expose private files locally without extra privileges. Exploitation is local and does not require user interaction. Public details in the co...
CVE-2022-20148
Technical details are not publicly available in the provided connected documents for CVE-2022-20148. Monitor for updates from upstream/kernel advisories; no specifics on affected products, versions, or remediation are included.
CVE-2022-20173
Technical details about CVE-2022-20173 are not provided in the supplied documents. No specifics on affected components or impact. Monitor for updates.
CVE-2022-20180
CVE-2022-20180 describes an elevation of privilege in Android kernel code, arising from a missing bounds check in mali_gralloc_reference.cpp that can allow arbitrary code execution on a local basis. The impact is local privilege escalation with high confidentiality/integrity/availability implicat...
CVE-2022-20207
CVE-2022-20207 affects Android 12L via the static definition in GattServiceConfig.java , where an insecure default value permits a permission bypass leading to local elevation of privilege without user interaction. The issue is described across multiple sources (Android/Red Hat/NVD entries) as a ...
CVE-2022-20404
CVE-2022-20404 is listed in Pixel bulletin data as affecting Android devices via the Modem component (Type: Information disclosure; Severity: Moderate). The vulnerable entry maps to CVE-2022-20404 with Android kernel context in the initial doc, but Pixel security bulletin categorizes it under the...
CVE-2022-20405
CVE-2022-20405 affects the Android kernel/modem stack used by Google Pixel devices, described as a Modem Elevation of Privilege vulnerability. Public details indicate a zero-click style chain that could downgrade the device’s cellular modem to 2G and potentially allow takeover of the handset via ...
CVE-2022-20443
CVE-2022-20443 concerns Android 13 where the hasInputInfo function in Layer.cpp may bypass user interaction via a tapjacking/overlay attack, enabling local escalation of privilege with no extra execution privileges and no user interaction required for exploitation. Affected product: Android 13 (A...
CVE-2022-20460
CVE-2022-20460 affects the Android kernel (mprot_unmap) where improper input validation could corrupt the memory mapping. The consequence is local escalation of privilege, requiring System execution privileges, with no user interaction needed. The description appears across multiple sources (e.g....
CVE-2022-20528
Summary: CVE-2022-20528 affects Android-13 via a flaw in the FindParam path of HevcUtils.cpp causing an out-of-bounds read due to a missing bounds check. This can enable local privilege escalation with no additional execution privileges and no user interaction is required. The vulnerability is do...
CVE-2022-20532
In CVE-2022-20532, the vulnerability lies in MPEG4Extractor.cpp’s parseTrackFragmentRun() where an integer overflow can cause an out-of-bounds read. This may enable remote elevation of privileges without user interaction on Android 13 devices. Documented impact is high across confidentiality, int...
CVE-2022-42508
CVE-2022-42508 affects Android kernel components via ProtocolCallBuilder::BuildSendUssd, where a missing bounds check enables an out-of-bounds write. This can lead to local elevation of privilege with SYSTEMExecution privileges required; exploitation does not require user interaction. The availab...
CVE-2022-42520
CVE-2022-42520: Use-after-free in Android’s ServiceInterface::HandleRequest (serviceinterface.cpp) can lead to local escalation of privilege to system level. Affected component: Android kernel/service interface; exploitation described as LOCAL with HIGH privileges required and no user interaction...
CVE-2022-42527
CVE-2022-42527 involves a crash in the Android kernel due to a missing null check in the function cd_SsParseMsg of cd_SsCodec.c. The issue could allow remote denial of service without requiring privileges or user interaction. The available sources consistently describe the affected component as p...
CVE-2022-42528
CVE-2022-42528 affects Android kernel (ffa_mrd_prot in shared_mem.c). A logic error can cause local information disclosure without additional privileges, with no user interaction required. The vulnerability is documented across multiple sources (Android Pixel kernel context, Red Hat/GNU reference...
CVE-2022-42531
CVE-2022-42531 affects the Android kernel component gs_ldfw_load.c, specifically the mmu_map_for_fw path. The issue is described as a mitigation bypass due to Permissive Memory Allocation, enabling local elevation of privilege without additional execution privileges or user interaction. The vulne...
CVE-2023-20734
CVE-2023-20734 affects the vcu module in MediaTek chips. The issue is described as an out-of-bounds write due to a missing bounds check, potentially enabling local escalation of privilege with SYSTEM privileges and no user interaction required. A patch is available (ALPS07645149; ALPS07645184). C...
CVE-2023-20848
The CVE-2023-20848 entry concerns an out-of-bounds read in imgsys_cmdq caused by missing valid range checking, enabling local escalation of privileges with user interaction required. Documented impact is high for confidentiality/integrity/availability, and a patch ID (ALPS07340433) is noted as th...
CVE-2023-20994
CVE-2023-20994 affects Android 13 via an out-of-bounds write in the function _ufdt_output_property_to_fdt in ufdt_convert.c. The vulnerability stems from an incorrect bounds check, enabling a local escalation of privilege with System execution privileges required and no user interaction. The avai...
CVE-2023-21027
CVE-2023-21027 affects PasspointXmlUtils.java on Android 13. A logic error enables an authentication misconfiguration that can lead to remote information disclosure without additional privileges and without user interaction. NVD CVSSv3.1 base score is 7.5 (HIGH) with network attack vector, no pri...
CVE-2023-21052
CVE-2023-21052 affects the Android kernel component ril_external_client.cpp (setToExternal). The issue is an out-of-bounds write caused by a missing bounds check in that function, enabling local privilege escalation with system-level execution privileges and no user interaction required. Exploita...
CVE-2023-21075
CVE-2023-21075 affects the Android kernel; the vulnerability is in get_svc_hash inside nan.cpp, caused by an out-of-bounds write due to a heap buffer overflow. The impact is local elevation of privilege with System-level execution privileges required; exploitation is possible without user interac...
CVE-2023-21395
CVE-2023-21395 involves a Bluetooth use-after-free bug that can trigger an out-of-bounds read, enabling remote information disclosure without user interaction or additional privileges. The vulnerability is documented across multiple feeds (NVD entry authoring the Bluetooth impact; Red Hat and oth...
CVE-2023-35662
CVE-2023-35662 is a Pixel/Shannon baseband vulnerability described as an out-of-bounds write due to a buffer overflow that could enable remote code execution with no user interaction. The issue is reported as a Critical RCE in Google Pixel security guidance, and the Pixel Update Bulletin lists th...
CVE-2024-29746
CVE-2024-29746 affects the lpm_req_handler in lpm.c, with a possible out-of-bounds write caused by improper input validation. This can enable local elevation of privilege without user interaction. Connected sources (Red Hat, NVD, CVE lists, and Android Pixel bulletin) confirm the issue exists in ...
CVE-2024-29786
CVE-2024-29786 describes a potential remote code execution in Google Pixel devices due to an out-of-bounds write in the function pktproc_fill_data_addr_without_bm within link_rx_pktproc.c caused by a missing bounds check. The issue affects Pixel firmware/CPIF as listed in the Pixel bulletin; the ...
CVE-2024-32891
CVE-2024-32891 affects Google's Pixel/Android media.c, specifically the sec_media_unprotect function. The issue is described as a memory corruption caused by a race condition, which could enable local escalation of privilege without requiring additional privileges or user interaction. The availab...
CVE-2024-32895
CVE-2024-32895 affects the BCMFASTPATH component (dhd_msgbuf.c) with an out-of-bounds write caused by a missing bounds check. The documented impact is local elevation of privilege without additional execution privileges required, and exploitation reportedly requires no user interaction. Connected...
CVE-2026-0049
CVE-2026-0049 centers on the Android Framework component LocalImageResolver.java, with the root cause in onHeaderDecoded leading to resource exhaustion and a possible persistent denial-of-service. Exploitation is local and does not require user interaction. Public references consistently describe...
CVE-2015-3100
Adobe Flash Player and related components are affected by a stack-based buffer overflow (CVE-2015-3100) that enables arbitrary code execution. Affected product/version range includes Flash Player prior to 13.0.0.292 and 14.x through 18.x prior to 18.0.0.160 on Windows/macOS, and prior to 11.2.202...