8153 matches found
CVE-2024-32899
CVE-2024-32899 relates to a race condition in the Pixel GPU power management path (gpu_pm_power_off_top_nolock in pixel_gpu_power.c) that could allow local escalation of privilege to the TEE by compromising protected memory. Exploitation is predicted to require with local access and no user inter...
CVE-2024-32918
CVE-2024-32918 describes a permission bypass that allows attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization steps. The vulnerability is referenced in multiple feeds as affecting Google Pixel/Android devices, with references to a Trusty/TEE subcomponent...
CVE-2024-47027
CVE-2024-47027 affects Google Pixel/Android components, with the vulnerability in sm_mem_compat_get_vmm_obj in lib/sm/shared_mem.c. The issue allows arbitrary physical memory access due to improper input validation, enabling local privilege escalation without additional privileges or user interac...
CVE-2024-47029
The vulnerability CVE-2024-47029 affects the TrustySharedMemoryManager::GetSharedMemory implementation in ondevice/trusty/trusty_shared_memory_manager.cc. The issue is an incorrect bounds check that can trigger an out-of-bounds read, causing local information disclosure without requiring extra pr...
CVE-2024-47041
CVE-2024-47041 concerns a bounds-check error in the valid_address function of syscall.c that can cause an out-of-bounds read, enabling local privilege escalation without user interaction. The vulnerability is documented across multiple sources tied to Google Pixel/Android components, with Pixel/A...
CVE-2024-53833
CVE-2024-53833 is reported in the Android LWIS stack, specifically in the function prepare_response_locked within lwis_transaction.c . The vulnerability stems from improper input validation, enabling a possible out-of-bounds write. Impact described as local escalation of privilege with no additio...
CVE-2025-27701
CVE-2025-27701 describes a null-pointer dereference in the function process_crypto_cmd , where values in ptrs[i] can be NULL after slice_map_array() and are later dereferenced without a NULL check, enabling a local temporary DoS or out-of-bounds read and information disclosure. The CVE is listed ...
CVE-2015-3099
CVE-2015-3099 concerns Adobe Flash Player and related Adobe AIR components. Affected versions include Flash Player 13.0.0.292 and 14.x up to 18.x before 18.0.0.160 on Windows/macOS, and before 11.2.202.466 on Linux; Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X/Android; and...
CVE-2016-6762
CVE-2016-6762 describes an elevation-of-privilege flaw in the libziparchive library that could allow a local malicious app to run arbitrary code with the privileges of a protected process. Affected product: Android; versions affected include 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0 (Android ID A-31251826). ...
CVE-2017-0599
CVE-2017-0599 is a remote denial-of-service vulnerability in Android’s Mediaserver, specifically the libhevc component. A specially crafted media file could cause a device hang or reboot. Affected products/versions in the provided documents: Android 6.0–7.1.2. The description in the connected sou...
CVE-2019-9346
CVE-2019-9346 affects the Android Media Framework (libstagefright). The issue is a heap buffer overflow causing an out-of-bounds write, enabling remote code execution. Exploitation requires user interaction. Affected product/version: Android 10. Root cause: out-of-bounds write in a heap-allocated...
CVE-2020-27059
CVE-2020-27059 affects the Android Framework, specifically in onAuthenticated of AuthenticationClient.java, enabling a tapjacking scenario via an overlaid window during fingerprint requests. Root cause is an overlay-based UI manipulation that can lead to local elevation of privilege with user int...
CVE-2021-0535
The CVE-2021-0535 entry is supported by concrete details across sources: an Android 11 issue affecting wpas_ctrl_msg_queue_timeout in ctrl_iface_unix.c where a memory corruption due to use-after-free could allow local escalation of privileges to system level. The Android 11 context and the exact ...
CVE-2021-0555
CVE-2021-0555 affects Android 11 with a vulnerability in RenderStruct of protostream_objectsource.cc where a missing null check can cause a remote Denial of Service. The Red Hat and NVD entries confirm the issue’s root cause and impact; Pixel bulletin mappings show this CVE is classified as DoS (...
CVE-2021-0661
CVE-2021-0661 refers to an out-of-bounds write in MediaTek audio DSP caused by an incorrect bounds check. This can lead to local escalation of privilege with System execution privileges, and exploitation does not require user interaction. The issue affects MediaTek audio DSP components across mul...
CVE-2022-20055
CVE-2022-20055 concerns the preloader (usb) in MediaTek-based devices where an out-of-bounds write occurs due to a missing bounds check. The vulnerability could enable local escalation of privilege for an attacker with physical access, with no extra execution privileges required; exploitation req...
CVE-2022-20367
CVE-2022-20367 affects the Android kernel; the vulnerability is in the construct_transaction function of lwis_ioctl.c, where an integer overflow can cause an out-of-bounds write, enabling local privilege escalation with system execution privileges required and no user interaction. The issue is id...
CVE-2022-20526
CVE-2022-20526 affects Android 13 via CanvasContext::draw in CanvasContext.cpp, where a missing bounds check can cause an out-of-bounds write and local privilege escalation. The exploit requires user interaction; no remote vector is detailed. Multiple connected sources (Red Hat advisory, NVD, OSV...
CVE-2022-20546
CVE-2022-20546 affects Android 13 in the code path described by the Pixel/Effect.cpp vulnerability: a missing bounds check in the function getCurrentConfigImpl can cause an out-of-bounds write. This vulnerability is characterized as a local escalation of privilege with system execution privileges...
CVE-2022-20550
CVE-2022-20550 affects Android 13 (Pixel devices) with a local elevation of privilege caused by a confused deputy, enabling arbitrary protected activities without user interaction. Public sources (Pixel Update Bulletin 2022-12-01) associate fixes to the 2022-12-05 patch level; no explicit vulnera...
CVE-2022-20587
CVE-2022-20587 affects Android devices via an issue in the Android kernel, in drm_fw.c within the ppmp_validate_wsm function. The vulnerability arises from improper input validation, enabling local privilege escalation with no additional privileges and no user interaction required. The CVSS vecto...
CVE-2022-21749
CVE-2022-21749 relates to a vulnerability in the telephony stack where a missing permission check can lead to local information disclosure without requiring execution privileges. The core issue is described as a permission-check bypass in telephony, enabling information disclosure with no user in...
CVE-2022-27828
CVE-2022-27828 involves Samsung MediaMonitorEvent with an improper input/validation check prior to SMR Apr-2022 Release 1. The vulnerability is rated HIGH (CVSSv3.1: Local, Low attack complexity, Privileges Required: Low, No user interaction; confidentiality, integrity, and availability all high)...
CVE-2022-42513
CVE-2022-42513 : A missing bounds check in ProtocolEmbmsBuilder::BuildSetSession (protocolembmsbuilder.cpp) allows an out-of-bounds write in the Android kernel, enabling local escalation of privilege to SYSTEM level. No user interaction is required. Documented in multiple sources (e.g., NVD entry...
CVE-2022-42524
The CVE-2022-42524 entry describes an out-of-bounds read in Android’s sms_GetTpUdlIe within sms_PduCodec.c due to a missing bounds check. This can lead to remote information disclosure without extra privileges or user interaction. Connected OSV data confirms the same file-level bug, but no exploi...
CVE-2023-20725
CVE-2023-20725 affects MediaTek chip preloader: an out-of-bounds write caused by a missing bounds check can lead to local escalation of privilege with System execution privileges required. Exploitation requires no user interaction. Affected devices/versions include MT6880, MT6890, MT6980, and MT6...
CVE-2023-20970
CVE-2023-20970 is a confirmed Android 13 vulnerability affecting p2p_iface.cpp with an out-of-bounds read caused by a missing bounds check. Exploitation is described as a local information disclosure vulnerability requiring high privileges and no user interaction. Multiple connected records (RH, ...
CVE-2023-21013
CVE-2023-21013 is an out-of-bounds read in hostapd.cpp (forceStaDisconnection) on Android 13. The vulnerability could allow local information disclosure with system-level privileges and requires no user interaction. Connected sources consistently describe the issue without public exploit details....
CVE-2023-21032
CVE-2023-21032 affects Android 13; the issue is in the function _ufdt_output_node_to_fdt of ufdt_convert.c, causing a possible out-of-bounds read via a heap buffer overflow. The impact is local information disclosure with System privileges required; exploitation does not require user interaction....
CVE-2023-21148
CVE-2023-21148 describes a vulnerability in the BuildSetConfig function of protocolimsbuilder.cpp where a missing null check can cause an out-of-bounds read. This could allow local information disclosure with System-level execution privileges required, and exploitation does not require user inter...
CVE-2023-21179
CVE-2023-21179 affects Android 13 and involves XmlUtil.java’s parseSecurityParamsFromXml. The root issue is a weakness in how crypto is used, allowing bypass of a user-specified wifi encryption protocol, enabling local privilege escalation with no additional execution privileges or user interacti...
CVE-2023-21198
CVE-2023-21198 affects Android 13 via the Bluetooth SDP server (btif_sdp_server.cc) in remove_sdp_record, where a missing bounds check enables an out-of-bounds read and local information disclosure. Exploitation is described as requiring no user interaction; no exploit specifics or exploitation s...
CVE-2023-21203
The CVE-2023-21203 issue affects Android 13 with a fault in startWpsPbcInternal in sta_iface.cpp that allows an out-of-bounds read due to improper input validation. This could enable local escalation of privilege to SYSTEM with no user interaction required. Connected sources corroborate the file ...
CVE-2023-21223
CVE-2023-21223 affects Android kernel via an out-of-bounds read in LPP_ConvertGNSS_DataBitAssistance (LPP_CommonUtil.c) caused by a missing bounds check. This enables remote information disclosure with no privileges or user interaction required. Impact and exploitability are described in multiple...
CVE-2023-21224
CVE-2023-21224 affects the Android kernel, specifically the ss_ProcessReturnResultComponent function in ss_MmConManagement.c. The vulnerability is a heap-buffer-overflow–induced out-of-bounds read that could lead to remote information disclosure without extra privileges or user interaction. Publi...
CVE-2023-21226
CVE-2023-21226 affects the Android kernel, specifically SAEMM_RetrieveTaiList in SAEMM_ContextManagement.c. The issue is an out-of-bounds read caused by an incorrect bounds check, which could enable remote information disclosure with no additional execution privileges and without user interaction...
CVE-2023-40142
CVE-2023-40142 is documented in multiple sources as a local elevation-of-privilege affecting Google Pixel components, stemming from a logic error in the code that bypasses carrier restrictions on the device. The Android Pixel bulletins and Red Hat/NVD records describe the issue as enabling local ...
CVE-2023-48411
CVE-2023-48411 involves an out-of-bounds read in SignalStrengthAdapter::FillGsmSignalStrength() inside protocolmiscadapter.cpp. The issue stems from a missing bounds check and could enable local information disclosure with baseband firmware compromise required; exploitation does not require user ...
CVE-2024-20045
CVE-2024-20045 concerns MediaTek devices where an incorrect calculation of audio buffer size enables an out-of-bounds read. This vulnerability could lead to local information disclosure with system privileges required; exploitation does not require user interaction. The patch referenced is ALPS08...
CVE-2024-20055
In imgsys, a missing bounds check leads to local information disclosure with required System execution privileges. Exploitation requires user interaction (per CVE-2024-20055 descriptions). Patch ID ALPS08518692 is referenced; the connected PT-2024-18541 entry notes affected versions are not speci...
CVE-2024-32921
The CVE affects the lwis_fence.c component, specifically the function lwis_initialize_transaction_fences, where a missing bounds check can cause an out-of-bounds write. This leads to a possible local escalation of privilege with no additional execution privileges required and without user interac...
CVE-2024-32924
Technical details (affected products, versions, root cause specifics, or exploitation details) are not publicly provided in the supplied documents. Monitor for updates from Red Hat/NVD/Android Bulletins for concrete fixes or mitigations.
CVE-2024-47014
CVE-2024-47014 affects Google Pixel devices running Android with a privilege-escalation vulnerability in the ABL component (A-330537292). Affected product: Pixel devices; vulnerability type: Elevation of Privilege (EoP). Root cause: not explicitly detailed beyond ABL involvement. Impact: privileg...
CVE-2024-53840
Technical details such as affected product, versions, and fix are not provided in the supplied documents; the CVE is described as a biometric bypass with local privilege escalation, but no specifics on vulnerable components are given. Monitor for updates.
CVE-2015-5570
CVE-2015-5570 is a use-after-free vulnerability in Adobe Flash Player (affecting pre-18.0.0.241 and 19.x before 19.0.0.185) and Adobe AIR before 19.0.0.190, enabling remote code execution via specially crafted SWF handling. Adobe APSB15-23 patches are referenced; apply fixed builds to remediate.
CVE-2015-5588
Technical details about CVE-2015-5588 are not publicly provided in the connected documents. No affected product/version/impact is specified here. Monitor for updates in the EUVD advisories and official vendor bulletins.
CVE-2019-2010
CVE-2019-2010 concerns a local elevation of privilege in Android due to an out-of-bounds write in phNxpNciHal_ext.cc (phNxpNciHal_process_ext_rsp) caused by a missing bounds check. Affected Android versions include 7.0–9.0. The issue enables local exploitation without user interaction and with lo...
CVE-2020-0087
CVE-2020-0087 affects Android 10 (framework). The issue is in ActivityManagerService.getProcessPss, enabling a side-channel information disclosure with local access and requiring user interaction to exploit. The vulnerability’s impact is partial information disclosure (high confidentiality impact...
CVE-2021-39680
CVE-2021-39680 affects the Android kernel, with the flaw located in sec_SHA256_Transform within sha256_core.c. The issue allows reading heap data due to uninitialized data, enabling local information disclosure with system privileges. Exploitation does not require user interaction. The vulnerabil...
CVE-2021-39681
CVE-2021-39681 affects the Android kernel, specifically the delete_protocol path in main.c. The flaw is a use-after-free that allows arbitrary code execution, resulting in local escalation of privilege. Exploitation is local, does not require user interaction, and does not require additional priv...