Lucene search

K
GoogleAndroid

7550 matches found

CVE
CVE
added 2017/10/04 1:29 a.m.54 views

CVE-2017-0806

An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805.

9.3CVSS7.4AI score0.01494EPSS
CVE
CVE
added 2017/12/06 2:29 p.m.54 views

CVE-2017-0870

An elevation of privilege vulnerability in the Android framework (libminikin). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-62134807.

7.8CVSS7.5AI score0.00016EPSS
CVE
CVE
added 2017/12/05 7:29 p.m.54 views

CVE-2017-11043

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a WiFI driver function, an integer overflow leading to heap buffer overflow may potentially occur.

9.3CVSS7.4AI score0.00063EPSS
CVE
CVE
added 2018/04/04 5:29 p.m.54 views

CVE-2017-13252

In CryptoHal::decrypt of CryptoHal.cpp, there is an out of bounds write due to improper input validation that results in a read from uninitialized memory. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Pr...

9.3CVSS7.6AI score0.00045EPSS
CVE
CVE
added 2017/10/10 8:29 p.m.54 views

CVE-2017-9714

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an out of bound memory access may happen in limCheckRxRSNIeMatch in case incorrect RSNIE is received from the client in assoc request.

7.8CVSS7.2AI score0.00019EPSS
CVE
CVE
added 2018/07/06 5:29 p.m.54 views

CVE-2018-5829

In wlan_hdd_cfg80211_set_privacy_ibss() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer over-read can potentially occur.

7.8CVSS7.2AI score0.00241EPSS
CVE
CVE
added 2024/12/05 12:15 a.m.54 views

CVE-2018-9404

In oemCallback of ril.cpp, there is a possible out of bounds write due to aninteger overflow. This could lead to local escalation of privilege withSystem execution privileges needed. User interaction is not needed forexploitation.

7.8CVSS6.8AI score0.00018EPSS
CVE
CVE
added 2024/12/05 12:15 a.m.54 views

CVE-2018-9407

In emmc_rpmb_ioctl of emmc_rpmb.c, there is an Information Disclosure due to a Missing Bounds Check. This could lead to Information Disclosure of kernel data.

6.5CVSS6.2AI score0.00026EPSS
CVE
CVE
added 2024/12/05 12:15 a.m.54 views

CVE-2018-9408

In m3326_gps_write and m3326_gps_read of gps.s, there is a possible Out OfBounds Read due to a missing bounds check. This could lead to a localinformation disclosure with System execution privileges needed. Userinteraction is not needed for exploitation.

5.5CVSS6.2AI score0.00021EPSS
CVE
CVE
added 2024/12/02 9:15 p.m.54 views

CVE-2018-9414

In gattServerSendResponseNative of com_android_bluetooth_gatt.cpp, there is a possible out of bounds stack write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS6.9AI score0.0001EPSS
CVE
CVE
added 2024/12/02 10:15 p.m.54 views

CVE-2018-9418

In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

9.8CVSS7.1AI score0.00056EPSS
CVE
CVE
added 2019/02/12 12:0 a.m.54 views

CVE-2018-9583

In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth server with no additional execution privileges...

10CVSS7.6AI score0.00977EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-2066

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117100617

8.8CVSS9AI score0.00409EPSS
CVE
CVE
added 2019/07/08 6:15 p.m.54 views

CVE-2019-2119

In multiple functions of key_store_service.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Ve...

5.5CVSS5AI score0.00013EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-2139

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117610049

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-2150

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117935831

6.5CVSS6.4AI score0.00125EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-9269

In System Settings, there is a possible permissions bypass due to a cached Linux user ID. This could lead to a local permissions bypass with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-36899497

7.3CVSS7.3AI score0.00012EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-9385

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120452956

6.5CVSS6.4AI score0.00244EPSS
CVE
CVE
added 2019/09/27 7:15 p.m.54 views

CVE-2019-9386

In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-...

7.3CVSS7.7AI score0.00013EPSS
CVE
CVE
added 2020/03/10 8:15 p.m.54 views

CVE-2020-0032

In ih264d_release_display_bufs of ih264d_utils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android...

9.3CVSS8.9AI score0.01848EPSS
CVE
CVE
added 2020/03/10 9:15 p.m.54 views

CVE-2020-0049

In onReadBuffer() of StreamingSource.cpp, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID...

6.5CVSS6.6AI score0.00872EPSS
CVE
CVE
added 2020/03/10 9:15 p.m.54 views

CVE-2020-0084

In several functions of NotificationManagerService.java, there are missing permission checks. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio...

7.8CVSS8.2AI score0.00034EPSS
CVE
CVE
added 2020/09/17 4:15 p.m.54 views

CVE-2020-0123

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374

10CVSS9AI score0.00144EPSS
CVE
CVE
added 2020/09/17 4:15 p.m.54 views

CVE-2020-0229

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725

10CVSS9AI score0.00129EPSS
CVE
CVE
added 2020/09/17 4:15 p.m.54 views

CVE-2020-0278

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574

10CVSS9AI score0.00129EPSS
CVE
CVE
added 2020/09/18 4:15 p.m.54 views

CVE-2020-0295

In Telecom, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155650969

5.5CVSS5.8AI score0.00017EPSS
CVE
CVE
added 2020/11/10 1:15 p.m.54 views

CVE-2020-0446

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-168264528

9.8CVSS9AI score0.00164EPSS
CVE
CVE
added 2020/12/14 10:15 p.m.54 views

CVE-2020-0455

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514

9.8CVSS9AI score0.00164EPSS
CVE
CVE
added 2020/06/04 6:15 p.m.54 views

CVE-2020-13838

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. The DeX Lockscreen feature does not block access to Quick Panel and notifications. The Samsung ID is SVE-2020-17187 (June 2020).

3.6CVSS4.3AI score0.00017EPSS
CVE
CVE
added 2021/06/22 12:15 p.m.54 views

CVE-2021-0606

In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a possible use after free due to incorrect refcounting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

6.7CVSS6.7AI score0.00026EPSS
CVE
CVE
added 2022/03/30 4:15 p.m.54 views

CVE-2021-1000

In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Androi...

7.8CVSS7.9AI score0.00014EPSS
CVE
CVE
added 2021/12/15 7:15 p.m.54 views

CVE-2021-1010

In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-189857801

5.5CVSS5AI score0.00031EPSS
CVE
CVE
added 2021/03/04 10:15 p.m.54 views

CVE-2021-25340

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State.

5.1CVSS4.2AI score0.00017EPSS
CVE
CVE
added 2021/03/04 10:15 p.m.54 views

CVE-2021-25345

Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.

5.5CVSS5.3AI score0.00016EPSS
CVE
CVE
added 2021/04/09 6:15 p.m.54 views

CVE-2021-25365

An improper exception control in softsimd prior to SMR APR-2021 Release 1 allows unprivileged applications to access the API in softsimd.

7.8CVSS7.5AI score0.00013EPSS
CVE
CVE
added 2021/10/06 6:15 p.m.54 views

CVE-2021-25477

An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service.

4.9CVSS5.2AI score0.00199EPSS
CVE
CVE
added 2022/06/15 2:15 p.m.54 views

CVE-2022-20151

Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A

7.5CVSS7.4AI score0.00123EPSS
CVE
CVE
added 2022/06/15 2:15 p.m.54 views

CVE-2022-20156

In unflatten of GraphicBuffer.cpp, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernel...

7.8CVSS7.9AI score0.00013EPSS
CVE
CVE
added 2022/06/15 2:15 p.m.54 views

CVE-2022-20159

In asn1_ec_pkey_parse of acropora/crypto/asn1_common.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.9CVSS4.3AI score0.00016EPSS
CVE
CVE
added 2022/06/15 2:15 p.m.54 views

CVE-2022-20171

Product: AndroidVersions: Android kernelAndroid ID: A-215565667References: N/A

10CVSS9AI score0.00129EPSS
CVE
CVE
added 2022/06/15 2:15 p.m.54 views

CVE-2022-20191

Product: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A

10CVSS9AI score0.00129EPSS
CVE
CVE
added 2022/06/15 2:15 p.m.54 views

CVE-2022-20204

In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for explo...

7.8CVSS7.6AI score0.00014EPSS
CVE
CVE
added 2022/08/12 3:15 p.m.54 views

CVE-2022-20276

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploit...

5.5CVSS5.4AI score0.00018EPSS
CVE
CVE
added 2022/08/12 3:15 p.m.54 views

CVE-2022-20329

In Wifi, there is a possible way to enable Wifi without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-1...

7.8CVSS7.8AI score0.00013EPSS
CVE
CVE
added 2022/12/16 4:15 p.m.54 views

CVE-2022-20562

In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

3.3CVSS3.7AI score0.00024EPSS
CVE
CVE
added 2022/12/16 4:15 p.m.54 views

CVE-2022-20579

In RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android k...

6.7CVSS6.6AI score0.00017EPSS
CVE
CVE
added 2022/07/06 2:15 p.m.54 views

CVE-2022-21770

In sound driver, there is a possible information disclosure due to symlink following. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558663; Issue ID: ALPS06558663.

6.7CVSS5.9AI score0.00015EPSS
CVE
CVE
added 2022/07/06 2:15 p.m.54 views

CVE-2022-21775

In sched driver, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479032; Issue ID: ALPS06479032.

6.7CVSS6.7AI score0.00012EPSS
CVE
CVE
added 2022/08/01 2:15 p.m.54 views

CVE-2022-21791

In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478059; Issue ID: ALPS06478059.

4.4CVSS4.2AI score0.00023EPSS
CVE
CVE
added 2022/06/07 6:15 p.m.54 views

CVE-2022-28794

Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.

3.3CVSS3.8AI score0.00016EPSS
Total number of security vulnerabilities7550