8153 matches found
CVE-2022-20038
CVE-2022-20038 affects the ccu driver in MediaTek hardware. The issue is memory corruption caused by an incorrect bounds check, enabling local escalation of privilege with System execution privileges required. Exploitation does not require user interaction. Reported impact is consistent across so...
CVE-2022-20563
CVE-2022-20563 describes an out-of-bounds read caused by memory corruption in ufdt_convert within the Android kernel, enabling local privilege escalation to System. Exploitation is local with no user interaction; no remediation details are provided in the linked documents.
CVE-2022-21756
CVE-2022-21756 concerns a MediaTek WLAN driver flaw where an incorrect bounds check permits an out-of-bounds read, potentially causing local information disclosure with higher-privilege execution. Impact is described as requiring System privileges with no user interaction; attack vector is local....
CVE-2022-21782
CVE-2022-21782 affects the MediaTek WLAN driver. The root cause is a missing bounds check leading to an out-of-bounds write, enabling local privilege escalation to SYSTEM with no user interaction required. A patch is available (ALPS06704526; ALPS06704508). Exploitation details are not provided in...
CVE-2022-25833
The CVE-2022-25833 entry concerns Samsung SMR prior to Apr-2022 Release 1, where improper authentication in ImsService could allow an attacker to obtain IMSI without the READ_PRIVILEGED_PHONE_STATE permission. The vulnerability involves authentication checks in ImsService, enabling local access t...
CVE-2022-27573
Samsung SMR Apr-2022 Release 1 contains an out-of-bounds write vulnerability in the libsimba library due to improper input validation in parser_infe and sheifd_find_itemIndexin. Exploitation requires privileged access and could be triggered remotely over the network with low attack complexity, pe...
CVE-2022-27821
CVE-2022-27821 concerns the Quram Agif library prior to Samsung SMR Apr-2022 Release 1, where an improper boundary check enables denial of service when processing a crafted image file. Multiple sources (Red Hat, NVD, CNVD, CVE listings) describe the issue consistently as a boundary-checking flaw ...
CVE-2022-30710
CVE-2022-30710 affects Samsung Mobile (Android) RemoteViews. The vulnerability is described as an improper validation in RemoteViews prior to the SMR Jun-2022 Release 1, enabling attackers to launch certain activities. Public sources (NVD, Red Hat, CNVD) align on elevation/privilege aspects, with...
CVE-2022-32590
CVE-2022-32590 describes a use-after-free in the WLAN path that could enable local privilege escalation with SYSTEM privileges, requiring no user interaction. The description and Red Hat/NVD entries consistently reference a patch/Issue ID ALPS07299425. Connected documents confirm the issue is tie...
CVE-2022-33719
CVE-2022-33719 affects Samsung baseband prior to SMR Aug-2022 Release 1, where improper input validation can cause an integer overflow that leads to a heap overflow. The issue is tied to the baseband component and is mitigated by upgrading to SMR Aug-2022 Release 1 or later. Documentation does no...
CVE-2022-39900
CVE-2022-39900 affects Samsung Nice Catch prior to SMR Dec-2022 Release 1. The issue is an improper access control that could allow a physical attacker to access all toast contents generated in the Secure Folder environment via Nice Catch. Affected component: Nice Catch app (Samsung Mobile). Root...
CVE-2023-20828
The CVE-2023-20828 issue affects the gps component in MediaTek chips (GPS) with an out-of-bounds write caused by a missing bounds check. This can lead to local privilege escalation with SYSTEM rights and does not require user interaction. Affected details are supported by multiple sources (NVD/Re...
CVE-2023-20843
CVE-2023-20843 involves an out-of-bounds read in the imgsys_cmdq component caused by missing valid range checking. Impact: local information disclosure with the potential for system-level execution privileges required, and exploitation reportedly needs user interaction. Affected context is MediaT...
CVE-2023-20973
CVE-2023-20973 affects Android 13, specifically the Bluetooth stack: in btm_create_conn_cancel_complete() of btm_sec.cc, a missing bounds check enables an out-of-bounds read. This can lead to local information disclosure with SYSTEM-level privileges needed; exploitation reportedly does not requir...
CVE-2023-21010
The CVE-2023-21010 issue affects the Android p2p_iface.cpp component (Android 13 and earlier), where a missing bounds check can cause an out-of-bounds read. This creates a potential local information disclosure vulnerability that, per the documents, could enable System-level execution privileges ...
CVE-2023-21021
The CVE-2023-21021 issue affects Android 13 where WifiServiceImpl.java’s isTargetSdkLessThanQOrPrivileged path allows a guest user to change admin network settings due to a missing permission check. This enables local privilege escalation with no extra privileges or user interaction required. CVS...
CVE-2023-21022
CVE-2023-21022 is a memory corruption vulnerability in the Pixel/Android stack: in BufferBlock of Suballocation.cpp, an out-of-bounds write could lead to local escalation of privilege without user interaction. Affected software is Android 13 on Google Pixel devices (per the Pixel Update Bulletin ...
CVE-2023-21043
CVE-2023-21043 affects Android kernel components with memory corruption via a use-after-free, enabling local escalation to System privileges. Exploitation details, affected versions, and patch status are not provided in the connected documents; the description remains TBD. If pursuing remediation...
CVE-2023-21171
CVE-2023-21171 affects Android 13 and is tied to the InputDispatcher.cpp function verifyInputEvent. Descriptions across multiple connected sources state a side-channel information disclosure that could enable click fraud, potentially enabling local escalation to System privileges. Exploitation is...
CVE-2023-21185
CVE-2023-21185 affects Android 13 devices, where multiple functions in WifiNetworkFactory.java lack a required permission check. This creates a path for local privilege escalation from a guest user, with no additional execution privileges and no user interaction required to exploit. Public source...
CVE-2023-21195
CVE-2023-21195 concerns Android 13 devices. The issue is in the Bluetooth stack: function btm_ble_periodic_adv_sync_tx_rcvd in btm_ble_gap.cc may perform an out-of-bounds read due to an incorrect bounds check. This could allow local information disclosure over Bluetooth if the device firmware is ...
CVE-2023-21207
CVE-2023-21207 affects Android 13, targeting the function initiateTdlsSetupInternal in sta_iface.cpp. It describes an out-of-bounds read due to a missing bounds check, enabling local privilege escalation to SYSTEM with no user interaction required. Exploitation details or in-the-wild status are n...
CVE-2023-21214
CVE-2023-21214 describes an out-of-bounds read caused by unsafe deserialization in the Android component p2p_iface.cpp, within addGroupWithConfigInternal. This leads to local information disclosure with potential system-level execution privileges required for exploitation, and does not require us...
CVE-2025-0084
CVE-2025-0084 is a remote code execution risk in the Android Bluetooth stack (HFP enabled) caused by an out-of-bounds write due to a use-after-free condition in multiple locations. The vulnerability could allow an attacker, with adjacent access and no user interaction, to execute code on the devi...
CVE-2025-0086
Technical details such as affected products, versions, root cause, or remediation for CVE-2025-0086 are not publicly provided in the connected documents. Monitor for updates.
CVE-2025-26417
CVE-2025-26417 affects the Android framework via the function in DownloadProvider.java, where a bypass of user consent in shared storage could occur due to a confusing deputy. This may enable local information disclosure without requiring additional execution privileges, and does not require user...
CVE-2013-4777
Summary of CVE-2013-4777 (Android 2.3.7, Motorola Defy XT, Republic Wireless) The advisory describes an exploit path where the device’s init process creates a /dev/socket/init_runit LocalSocket to accept shell commands. The underlying issue is a stack-based buffer overflow in the sub_E110 functio...
CVE-2015-5568
CVE-2015-5568 affects Adobe Flash Player and related AIR components. Public docs confirm this vulnerability is part of the APSB15-23 set and is tied to a vector-length corruption that could enable a denial of service or other impact. Affected software and versions per the sources include: Windows...
CVE-2017-0475
Technical details about CVE-2017-0475 are not publicly provided in the supplied documents. Monitor for updates from Android security bulletins and vendor advisories.
CVE-2017-10998
CVE-2017-10998 : In Qualcomm’s audio driver used on Android CAF builds, the function audio_aio_ion_lookup_vaddr uses a user-provided buffer length to validate the region. If length is large, the address+length check can overflow, yielding a result well below the valid region. This can lead to out...
CVE-2017-13260
CVE-2017-13260 is an information disclosure flaw in Android Bluetooth’s BNEP implementation. In bnep_data_ind of bnep_main.cc, a missing bounds check enables a possible out-of-bounds read, allowing remote disclosure without user interaction. Affected Android versions include 5.1.1, 6.0, 6.0.1, 7....
CVE-2018-9478
CVE-2018-9478 involves an out-of-bounds write in the sdp_server.cc file, specifically in process_service_attr_req and process_service_search_attr_req, caused by a missing bounds check. The vulnerability could allow remote code execution with no privileges and without user interaction, as describe...
CVE-2019-2044
CVE-2019-2044 affects the Android Media framework, specifically in MakeMP>G4VideoCodecSpecificData within APacketSource.cpp. The issue is an out-of-bounds write caused by an incorrect bounds check, which could allow a remote attacker to execute code in the context of a privileged process in th...
CVE-2019-2072
CVE-2019-2072 affects Android 10 through the libxaac library. The issue is an out-of-bounds write caused by a missing bounds check in libxaac, enabling remote code execution with the attacker’s interaction required. Impact is described as RCE with high severity under CVSS 3.1 (HIGH, network attac...
CVE-2019-2130
CVE-2019-2130 affects Android: the issue is in CompilationJob::FinalizeJob of compiler.cc, caused by type confusion that can enable remote code execution with no user interaction. Exploitation could escalate privileges via a crafted malicious proxy configuration. Affected Android versions include...
CVE-2019-2169
CVE-2019-2169 affects the Android 10 libxaac library, where an information disclosure can occur due to uninitialized data. The issue could expose partial confidential data with no additional execution privileges required, and exploitation requires user interaction. | Affected component: libxaac i...
CVE-2019-9233
CVE-2019-9233 affects wpa_supplicant_8 on Android-10. Root cause: an out-of-bounds read due to an incorrect bounds check, enabling remote information disclosure without privileges and without user interaction. The impact is info disclosure; no exploit details or in-the-wild status are provided in...
CVE-2019-9432
CVE-2019-9432 refers to an out-of-bounds read in Bluetooth on Android 10, caused by improper input validation. The issue can lead to remote information disclosure from the Bluetooth server without requiring user interaction or privileges. Documents confirm the affected platform as Android 10 and ...
CVE-2020-25279
CVE-2020-25279 describes a buffer overflow in the baseband on Samsung mobile devices (Exynos) running O(8.x), P(9.0), and Q(10.0) via an abnormal SETUP message, enabling arbitrary code execution. Affected component: baseband firmware; root cause: buffer overflow. Impact: high across confidentiali...
CVE-2021-0538
CVE-2021-0538 affects Android 11 via EmergencyCallbackModeExitDialog.java, where a tapjacking/overlay attack can exit emergency callback mode, enabling local elevation of privilege with user interaction required. Documented impact: local EoP with high likelihood of access via exposed UI flow; CVS...
CVE-2021-0551
CVE-2021-0551 affects Android 11 with a DoS via a vulnerability in the MediaControlPanel.java bind. The root cause is improper input validation in the bind path, allowing a malicious media file to lock up the system UI and cause remote denial of service. Exploitation requires user interaction. Pu...
CVE-2021-0988
CVE-2021-0988 affects Android 12 and involves information disclosure via getLaunchedFromUid/getLaunchedFromPackage in ActivityClientController.java. The issue allows a local attacker to determine whether an app is installed without query permissions due to a side-channel information disclosure, l...
CVE-2021-0992
CVE-2021-0992 affects Android 12 via PaymentDefaultDialog.java, where a tapjack overlay could allow changing the default payment app without user consent. This is described as a local elevation of privilege requiring user interaction for exploitation, with no additional privileges needed. Connect...
CVE-2021-0998
CVE-2021-0998 affects Android 12 in the media/ih264e path: the function ih264e_find_bskip_params() in ih264e_me.c can trigger an out-of-bounds read due to a heap buffer overflow, enabling local information disclosure without user interaction. Exploitation details and impact are described in multi...
CVE-2021-1002
CVE-2021-1002 affects Android 12 and is detailed in multiple sources as a vulnerability in WT_Interpolate within eas_wtengine.c, caused by a missing bounds check that allows an out-of-bounds read. This can lead to remote information disclosure without extra execution privileges and without user i...
CVE-2021-25364
CVE-2021-25364 affects Samsung Secure Folder prior to SMR APR-2021 Release 1, where a pendingIntent hijacking issue allows unprivileged apps to access contact information. The vulnerability is linked to Secure Folder’s handling of PendingIntents and exposes contact data locally. Affected software...
CVE-2021-39789
CVE-2021-39789 affects Android 12L where a missing permission check could allow a local attacker to leak TTY mode changes, enabling local elevation of privilege with no additional execution privileges and no user interaction required. The NVD entry confirms the vulnerability type as EoP with loca...
CVE-2022-20561
CVE-2022-20561 affects the Android kernel in aud_hal_tunnel.c, where a use-after-free can cause memory corruption. The impact is local elevation of privilege with no extra execution privileges required and no user interaction needed. Affected component: Android kernel (aud_hal_tunnel.c). Root cau...
CVE-2022-21757
CVE-2022-21757 affects the WIFI firmware (noted in MediaTek context) with a missing count check that can cause a system crash, enabling remote denial of service without required privileges or user interaction. The entry lists a patch ID ALPS06468894 / issue ALPS06468894 as the remediation. No fur...
CVE-2022-27827
The CVE-2022-27827 entry concerns an improper validation vulnerability in MediaMonitorDimension, prior to Samsung SMR Apr-2022 Release 1. Affected item appears to be the MediaMonitorDimension component (in Samsung context) where input validation fails, enabling attackers to launch certain activit...