8153 matches found
CVE-2020-0347
CVE-2020-0347 affects Android 11 with an out-of-bounds write in iptables caused by an incorrect bounds check. The vulnerability could allow local escalation to SYSTEM privileges without user interaction. Evidence in the initial document notes the affected product (Android 11) and the privilege le...
CVE-2021-0543
CVE-2021-0543 : A vulnerability in phNxpNciHal_ext.cc (function phNxpNciHal_process_ext_rsp) allows a possible out-of-bounds write due to an integer overflow, enabling local elevation of privilege with System execution privileges. Exploitation does not require user interaction. Affected: Android ...
CVE-2021-0548
CVE-2021-0548 affects Android 11; the vulnerability is in rw_i93_send_to_lower (rw_i93.cc) where a missing bounds check can cause an out-of-bounds write, enabling local elevation of privilege with no user interaction. Affected component: Android kernel/userland path rw_i93_send_to_lower. No explo...
CVE-2021-0734
CVE-2021-0734 describes a side-channel information disclosure in Android Settings that can reveal whether an app is installed without query permissions, enabling local information disclosure on Android 13. The issue affects the Settings component and does not require user interaction, with a loca...
CVE-2021-0989
CVE-2021-0989 describes a local information-disclosure in Android 12 via hasManageOngoingCallsPermission in TelecomServiceImpl.java, allowing an app to determine if another app is installed without query permissions. This is caused by a side-channel disclosure and requires no user interaction. Th...
CVE-2021-0999
CVE-2021-0999 affects Android 12 and relates to the broadcast definition in AndroidManifest.xml that can set the A2DP Bluetooth device connection state due to a missing permission check. The underlying issue is a privilege-escalation flaw that does not require user interaction and can be exploite...
CVE-2021-1005
CVE-2021-1005 affects Android 12, involving getDeviceIdWithFeature in PhoneInterfaceManager.java. The issue enables a local information disclosure via a side-channel that can reveal whether an app is installed without query permissions, with no user interaction required. The description and conne...
CVE-2021-1030
CVE-2021-1030 affects Android 12 with a vulnerability in NotificationManagerService.setNotificationsShownFromListener that allows a local attacker to deduce whether an app is installed without query permissions via a side-channel. Impact is local information disclosure with no execution privilege...
CVE-2021-25336
CVE-2021-25336 affects Samsung mobile devices via improper access control in NotificationManagerService. The root cause is insufficient access checks that allow untrusted applications to obtain notification access by sending a crafted malicious intent. Documented impact is limited to exploitation...
CVE-2021-25478
Summary: CVE-2021-25478 describes a possible stack-based buffer overflow in the Samsung Exynos CP Chipset prior to SMR Oct-2021 Release 1, which could enable arbitrary memory writes and code execution. The affected component is the Exynos CP Chipset; the root cause is a stack-based overflow vulne...
CVE-2021-27901
Summary (CVE-2021-27901) : Affects LG mobile devices running Android 11. The vulnerability arises from mishandling of fingerprint recognition when Local High Beam Mode (LHBM) does not function properly under bright illumination, as identified by LG under ID LVE-SMP-210001 (March 2021). The issue ...
CVE-2021-39643
CVE-2021-39643 affects the Android kernel component in ic_startRetrieveEntryValue inside acropora/app/identity/ic.c, where a missing validation of a return value can bypass defense-in-depth and enable local privilege escalation to SYSTEM. Exploitation requires local access; no user interaction is...
CVE-2021-39645
CVE-2021-39645 is listed in the Google Pixel security bulletin as an Elevation of Privilege (EoP) vulnerability affecting the Bootloader. The CVE is categorized under Pixel issues with High severity. The Pixel bulletin notes patches are included in updates at the 2021-12-05 security patch level f...
CVE-2021-39655
CVE-2021-39655 is listed in Pixel bulletin as an Elevation of Privilege in the Android kernel (Kernel component) affecting Pixel devices, with a high-severity CVSS in NVD (Critical in 3.1). The connected Pixel bulletin entry confirms the issue is categorized under Kernel with EoP impact, but the ...
CVE-2022-20246
CVE-2022-20246 affects Android 13 (WindowManager). The issue is an incorrect UID/permission check that allows bypassing background-activity start restrictions, leading to local escalation of privilege without user interaction. Exploitation is local and requires no additional privileges; CVSS indi...
CVE-2022-20261
The CVE-2022-20261 entry concerns the Android LocationManager component. A missing permission check could allow an attacker to obtain location information, causing local information disclosure. Exploitation requires System privileges but not user interaction, with a local attack vector. Affected ...
CVE-2022-21771
CVE-2022-21771 affects the GED driver and is a use-after-free caused by a race condition, enabling local privilege escalation to System with no user interaction required. The vulnerability details indicate the impact is partial to higher in integrity/availability per CVSS, with local exploit prer...
CVE-2022-21786
CVE-2022-21786 describes a memory corruption vulnerability in MediaTek’s audio DSP caused by improper type casting. The issue can lead to local privilege escalation with system execution privileges required, and does not require user interaction. Affected component: audio DSP type conversion logi...
CVE-2022-26093
CVE-2022-26093 is a vulnerability in the libsimba library’s parser_irot function. The issue is a null pointer dereference that enables an out-of-bounds write by a remote attacker in affected builds prior to Samsung SMR Apr-2022 Release 1. Reports in multiple feeds (NVD, Red Hat, CNVD, CVE lists) ...
CVE-2022-27569
CVE-2022-27569 is a heap-based buffer overflow in the parser_infe function of the libsimba library, exploitable remotely to achieve code execution. The condition is with software versions prior to SMR Apr-2022 Release 1 . Affected component: libsimba parser_infe; root cause: heap overflow. Impact...
CVE-2022-27824
CVE-2022-27824 : The exposed issue is an improper size check in the function sapefd_parse_meta_DESCRIPTION within the libsapeextractor library, before the Samsung SMR Apr-2022 Release 1. This causes an out-of-bounds read when processing a crafted media file. Publicly documented variations describ...
CVE-2022-33730
CVE-2022-33730 describes a heap-based buffer overflow in Samsung Dex for PC prior to SMR Aug-2022 Release 1, allowing arbitrary code execution by physical attackers. Affected: Samsung Dex for PC (pre‑SMR Aug‑2022 Release 1). Root cause: heap-based overflow in Samsung Dex for PC. Impact: potential...
CVE-2022-38682
CVE-2022-38682 affects the contacts service, where a missing permission check could allow a local denial of service without requiring additional privileges. The Red Hat, NVD, CNNVD, and other connected records corroborate the same description; no explicit exploitation details, affected software v...
CVE-2022-39903
CVE-2022-39903 describes an improper access control vulnerability in Samsung RCS calls prior to SMR Dec-2022 Release 1. The issue allows local attackers to access the RCS incoming call number (information disclosure). Affected component: RCS call handling on Samsung mobile devices; root cause: im...
CVE-2023-20841
CVE-2023-20841 affects imgsys and is described as an out-of-bounds write caused by missing valid range checking, enabling local escalation of privileges with System execution privileges needed. User interaction is required for exploitation. Reported patch ID: ALPS07326455 (Issue ID: ALPS07326441)...
CVE-2023-21006
CVE-2023-21006 affects Google Pixel/Android 13 where a missing bounds check in the p2p_iface.cpp file allows an out-of-bounds read, leading to local information disclosure with System privileges required. No user interaction is needed. Remediation: apply Android security updates; Pixel bulletin i...
CVE-2023-21073
CVE-2023-21073 affects the Android kernel component where the function rtt_unpack_xtlv_cbfn in dhd_rtt.c is vulnerable. The issue is a possible out-of-bounds write caused by a buffer overflow, which could enable local escalation of privilege with System execution privileges required. User interac...
CVE-2023-21125
CVE-2023-21125 affects Google Android Bluetooth stack: the function btif_hh_hsdata_rpt_copy_cb in bta_hh.cc suffers a memory corruption due to a use-after-free, enabling local privilege escalation over Bluetooth with no user interaction. The vulnerability is adjacent-network exploitable as per CV...
CVE-2023-21153
CVE-2023-21153 affects Android kernel via Do_AIMS_SET_CALL_WAITING in imsservice.cpp, causing an out-of-bounds read due to a missing bounds check. This can allow local escalation of privilege to System level without user interaction. The issue impacts Android kernel components and is associated w...
CVE-2023-21170
CVE-2023-21170 affects Android 13 devices (notably Pixel). Root cause: a missing bounds check in the function executeSetClientTarget inside ComposerCommandEngine.h, causing a possible out-of-bounds read. Impact: local information disclosure with system privileges required; exploitation does not r...
CVE-2023-21174
CVE-2023-21174 is a vulnerability in Android 13 affecting the isPageSearchEnabled function of BillingCycleSettings.java. The issue allows a guest user to bypass permissions and change data limits, resulting in local privilege escalation with no additional execution privileges and with no user int...
CVE-2023-32880
CVE-2023-32880 concerns the battery module with a missing bounds check that can cause local information disclosure (high confidentiality impact) and requires local access and high privileges; no user interaction is needed. A patch is available (Patch ID: ALPS08308070; Issue ID: ALPS08308076). No ...
CVE-2024-20034
CVE-2024-20034 affects MediaTek battery module, with a missing bounds check that could enable local privilege escalation to System level. The vulnerability relies on no user interaction and has a network-style CVSS base with high impact across confidentiality, integrity, and availability, though ...
CVE-2024-20053
CVE-2024-20053 affects the flashc component. The vulnerability is an out-of-bounds write caused by an uncaught exception, enabling local escalation of privileges with System-level execution privileges required. User interaction is not required. A patch is referenced (ALPS08541757; ALPS08541764). ...
CVE-2024-32923
CVE-2024-32923 concerns Google Pixel devices. The issue is a logic error in the Modem component that can cause a denial of service. It can be triggered remotely with no user interaction and requires no additional privileges (attack vector: LOCAL; impact: Availability. Severity: High per Pixel bul...
CVE-2024-44100
CVE-2024-44100 relates to information disclosure on Google Pixel devices prior to 2024-10-05, specifically in the modem component (A-299774545). The issue stems from a vulnerability in the Pixel modem that enables leakage of information, with a CVSS v3.1 base score of 7.5 (High). Affected product...
CVE-2024-47013
CVE-2024-47013 is described across multiple sources as a flaw in the PMU firmware path (pmucal_rae_handle_seq_int in flexpmu_cal_rae.c) where uninitialized data allows an arbitrary write, enabling local privilege escalation with no user interaction. Documents consistently note the issue affects P...
CVE-2025-0075
CVE-2025-0075 is a use-after-free in process_service_search_attr_req of sdp_server.cc that can lead to remote code execution with no privileges or user interaction. Affected software is the Android platform (System component in the 2025-03-01/03 bulletin) and related Android sources describe this...
CVE-2025-20665
CVE-2025-20665 affects MediaTek chipsets’ devinfo component where a missing SELinux policy enables local information disclosure of the device identifier without additional privileges. Multiple sources corroborate the issue and reference patch ALPS09555228 / MSV-2760 from MediaTek’s bulletin. Impa...
CVE-2025-22408
CVE-2025-22408 affects Google Android in the rfc_check_send_cmd function of rfc_utils.cc, caused by a use-after-free; this enables remote code execution with no extra privileges and without user interaction. Public documents confirm the issue as a System-level vulnerability in Android, with CVSS ...
CVE-2025-22410
CVE-2025-22410 is a use-after-free in Google Android that can lead to arbitrary code execution and local privilege escalation with no user interaction. The issue is classified as RCE, Critical, affecting the Framework/System and is addressed by Android security patches for the 2025-03-01/2025-03-...
CVE-2011-1350
The CVE-2011-1350 entry describes an information-disclosure vulnerability in the PowerVR SGX driver used by Android prior to 2.3.6. The flaw allows an attacker to leak potentially sensitive data from kernel stack memory via a crafted request to the pvrsrvkm device. Affected component: PowerVR SGX...
CVE-2015-1530
The CVE-2015-1530 issue affects Android’s media/libmedia/IAudioPolicyService.cpp prior to Android 5.1. It describes an integer overflow in BnAudioPolicyService::onTransact that can be exploited by a crafted application with an invalid array size to either execute arbitrary code with media_server ...
CVE-2016-10398
CVE-2016-10398 affects Android 6.0 where an authentication bypass exists for attackers with root and physical access. AuthTokens used by the Trusted Execution Environment (TEE) are protected by a weak challenge, enabling replay of captured responses and use of the TEE without authenticating. All ...
CVE-2016-5348
CVE-2016-5348 affects the GPS component in Android, dating from 4.x up to 7.0, where a man-in-the-middle can trigger memory exhaustion and a DoS by sending a large xtra.bin/xtra2.bin from spoofed gpsonextra.net or izatcloud.net hosts. Root cause is malformed/overlarge GPS data files processed by ...
CVE-2017-0756
CVE-2017-0756 is a remote code execution vulnerability in Android’s Media Framework (libstagefright) affecting Android versions 4.4.4 through 7.1.2. The Android bulletin notes this as a critical issue in the Media Framework, with impact described as execution of arbitrary code in a privileged con...
CVE-2018-9339
CVE-2018-9339 affects Android’s framework Parcel.java, specifically in the methods writeTypedArrayList/readTypedArrayList, with a root cause of type confusion that enables local privilege escalation. The vulnerability can be exploited with no user interaction and requires local access. Public doc...
CVE-2018-9388
CVE-2018-9388 affects the Linux touchscreen driver component ftm4_pdc.c (functions store_upgrade and store_cmd). The issue is out-of-bounds writes caused by missing bounds checks or integer underflows, leading to potential elevation of privilege. Documentation across sources (NVD, Red Hat, CVE li...
CVE-2018-9515
CVE-2018-9515 is a kernel vulnerability affecting the Android kernel sdcardfs code (inode.c) where memory corruption can occur due to improper locking, enabling local privilege escalation without user interaction. The issue is categorized as a high-severity Elevation of Privilege (EoP) in the 201...
CVE-2019-2134
CVE-2019-2134 affects Android due to an out-of-bounds write in phFriNfc_ExtnsTransceive (phNxpExtns_MifareStd.cpp) caused by integer overflow. Impact: local privilege escalation with HIGH confidentiality/integrity/availability implications; exploitation requires user interaction and local access....