8153 matches found
CVE-2022-30753
Affected software: Samsung SecSoterService on Samsung mobile devices. Issue: improper use of a unique device ID in unprotected SecSoterService, enabling local attackers to obtain the device ID without permission. Impact: information disclosure limited to local access. Root cause: unprotected hand...
CVE-2022-32595
CVE-2022-32595 affects Widevine with an out-of-bounds read caused by an incorrect bounds check. This vulnerability could lead to local information disclosure; the impact is described as high for confidentiality, with system-level execution privileges needed and no user interaction required. The a...
CVE-2022-33685
Samsung Wearable Manager Service on Samsung mobile devices is affected by an unprotected dynamic receiver vulnerability, allowing attackers to launch arbitrary activity and access sensitive information. The issue stems from an unprotected receiver in the Wearable Manager and is mitigated by the S...
CVE-2022-33720
CVE-2022-33720 concerns Samsung AppLock. The vulnerability is an improper authentication issue in AppLock prior to SMR Aug-2022 Release 1, which could let a physical attacker bypass the lock and access Chrome secured by AppLock via a new tap shortcut. Affected component: AppLock’s Chrome access c...
CVE-2022-33731
CVE-2022-33731 involves an improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1. The issue allows an attacker with local access to enable or disable arbitrary components within DesktopSystemUI. Affected software: DesktopSystemUI (pre-SMR Aug-2022 Release 1). Ro...
CVE-2022-38684
The CVE-2022-38684 entry describes a vulnerability in the Contacts service caused by a missing permission check, enabling local denial of service with no additional privileges required. The connected documents corroborate the core issue (missing permission validation) and the local impact, but do...
CVE-2022-39886
CVE-2022-39886 concerns an improper access control vulnerability in the IpcRxServiceModeBigDataInfo component of RIL, prior to Samsung SMR Nov-2022 Release 1. A local attacker could access device information due to the access-control weakness in RIL. Affected: Samsung devices running RIL before t...
CVE-2023-20802
In imgsys, a memory corruption vulnerability arises from improper input validation that could enable local escalation of privilege requiring System execution privileges. User interaction is needed for exploitation. A patch is identified (Patch ID: ALPS07420968; Issue ID: ALPS07420976). Public tec...
CVE-2023-21151
CVE-2023-21151 affects the Google BMS kernel module in the Android kernel (Pixel devices). The issue is a heap buffer overflow that can cause an out-of-bounds write, enabling local escalation of privileges to System level. Exploitation requires local access; user interaction is not needed. Public...
CVE-2023-21160
CVE-2023-21160 affects the Android kernel via a heap buffer overflow in BuildSetTcsFci (protocolmiscbuilder.cpp) that can cause a local out-of-bounds read and information disclosure without requiring user interaction. Public details across sources confirm the impact as local information disclosur...
CVE-2023-21167
CVE-2023-21167 affects Android 13, in DevicePolicyManagerService.setProfileName. The issue is an out-of-bounds/ missing bounds check that can crash the SystemUI menu, causing local denial of service without extra privileges and without user interaction. Public documents consistently frame this as...
CVE-2023-21168
CVE-2023-21168 affects Android 13 and specifically the ColorConverter.cpp function convertCbYCrY, where a missing bounds check may cause an out-of-bounds read and local information disclosure without requiring user interaction. Multiple sources (NVD entry, Red Hat advisory, PRION/OSV enrichment, ...
CVE-2023-21181
CVE-2023-21181: In btm_ble_update_inq_result in btm_ble_gap.cc (Android 13) there is a possible out-of-bounds read due to a heap buffer overflow, potentially enabling local information disclosure with system privileges. Exploitation does not require user interaction. Affected product/version: And...
CVE-2023-21367
CVE-2023-21367 concerns the Android Scudo memory allocator. The connected documents confirm a heap OOB read/write due to an insecure implementation/design, enabling local information disclosure without extra execution privileges and with no user interaction required. The Android 14 security relea...
CVE-2023-21419
CVE-2023-21419 describes an issue in Samsung Secure Folder where improper implementation logic can cause the Secure Folder container to remain unlocked under certain conditions. Affected software: Secure Folder on Samsung devices (prior to SMR Jan-2023 Release 1). Root cause: implementation flaw ...
CVE-2023-32830
CVE-2023-32830 concerns a vulnerability in TVAPI where a missing bounds check can cause an out-of-bounds write. The root cause is a bounds-check omission in TVAPI, enabling local escalation of privilege with System execution privileges required; no user interaction is needed. The impact is descri...
CVE-2023-32883
CVE-2023-32883 affects MediaTek devices with Engineer Mode where a missing bounds check enables an out-of-bounds write, potentially allowing local escalation of privileges (System) without user interaction. Root cause: improper bounds checking in Engineer Mode. Impact: local privilege escalation ...
CVE-2025-0074
The CVE-2025-0074 issue affects Google Android’s sdp_discovery.cc (process_service_attr_rsp) where a use-after-free leads to remote code execution with network access and no user interaction. This is categorized as a critical RCE in Android 15 per the 2025-03-01 bulletin, with patch levels 2025-0...
CVE-2025-0082
CVE-2025-0082 describes an information disclosure in Google Android involving StatusHint.java and TelecomServiceImpl.java. The root cause is a confused deputy that could allow an attacker to reveal images across users, resulting in local information disclosure without extra execution privileges. ...
CVE-2025-20650
CVE-2025-20650: A possible out-of-bounds write due to a missing bounds check could allow local elevation of privilege on affected MediaTek devices when an attacker has physical access. The vulnerability requires no additional execution privileges but does require user interaction according to the...
CVE-2025-22405
CVE-2025-22405 is an Android elevation-of-privilege vulnerability described as a use-after-free in multiple locations that could enable local code execution with no user interaction. Public sources/connected documents note this CVE as an EoP issue with high severity affecting Android components; ...
CVE-2025-22407
CVE-2025-22407 is a use-after-free in the Android HID (hidd) component, specifically in hidd_check_config_done of hidd_conn.cc, enabling potential arbitrary code execution and local information disclosure without extra privileges or user interaction. The vulnerability is discussed across multiple...
CVE-2012-4220
CVE-2012-4220 / CVE-2012-4221 affect the Qualcomm DIAG kernel-mode driver for Android 2.3–4.2. diagchar_core.c (CVE-2012-4220) and diagchar_core.c with an untrusted pointer dereference (CVE-2012-4221) allow a local application to exploit crafted arguments via diagchar_ioctl to execute arbitrary c...
CVE-2015-3860
CVE-2015-3860 is a Lockscreen elevation-of-privilege flaw in Android 5.0/5.1 (build LMY48M) where the passwordEntry field in Keyguard does not cap input length, enabling a physical attacker to crash SystemUI and bypass the lock screen. Affected versions include Android 5.0 and 5.1 up to 5.1.0; Go...
CVE-2015-6616
CVE-2015-6616 is a memory-corruption vulnerability in Android’s mediaserver. It affects Android versions prior to 5.1.1 LMY48Z and 6.0 prior to 2015-12-01, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted media file (internal bugs 24630158 and 2388280...
CVE-2016-0802
CVE-2016-0802 affects the Broadcom Wi‑Fi kernel driver, vulnerable in Android 4.x up to 4.4.3/4.4.4, 5.x up to 5.1.x, and 6.x up to 2016-02-01. An unauthenticated, adjacent attacker can send crafted wireless control message packets to trigger memory corruption, leading to remote code execution or...
CVE-2016-1503
CVE-2016-1503 affects dhcpcd prior to version 6.10.0 (used in Android 4.x/5.x/6.x and other products). The issue is a mismanagement of DHCP option lengths in the print_option path, leading to a heap-based buffer overflow that can enable remote code execution or cause a denial of service via malfo...
CVE-2016-1948
Mozilla Firefox for Android before 44.0 is vulnerable to MITM during lightweight-theme installation because it may not require HTTPS for the client-server data stream, allowing an attacker to replace theme images/colors. Connected advisories indicate this is a real vulnerability affecting Firefox...
CVE-2016-5856
Technical details for CVE-2016-5856 are not publicly available in the provided documents. Monitor for updates.
CVE-2017-0392
CVE-2017-0392 is a denial-of-service flaw in Android’s Mediaserver, specifically VBRISeeker.cpp in libstagefright. A crafted media file can cause a device hang or reboot via Mediaserver. Affected products/versions include Android 4.4.4–7.1.1. Public details describe the vulnerability’s root cause...
CVE-2017-0421
CVE-2017-0421 is an information-disclosure vulnerability in the Android Framework APIs that could allow a local malicious app to bypass OS protections and access data it should not. Affected products/versions per the CVE entry include Android 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, and 7.1.1. In the conne...
CVE-2017-0678
CVE-2017-0678 is a remote code execution vulnerability in Android's media framework affecting Android 7.0, 7.1.1 and 7.1.2. The issue appears in the 2017 July Android Security Bulletin under Media framework, with patches released via the July 2017 patch levels (2017-07-01 and 2017-07-05). No expl...
CVE-2017-0718
CVE-2017-0718 is a remote code execution flaw in Android’s media framework MPEG-2 decoder impacting Android 6.0, 6.0.1, 7.0, 7.1.1 and 7.1.2. Public detail confirms it as a Media framework RCE issue; root cause is in the MPEG-2 decoder path. The Android Bulletin (Aug 2017) documents this and note...
CVE-2017-0745
CVE-2017-0745 is a remote code execution vulnerability in the Android media framework, specifically the avc decoder. Affected Android versions include 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, and 7.1.2. The connected documents consistently describe the issue as a media-framework fault enablin...
CVE-2017-0809
The CVE-2017-0809 entry describes a remote code execution vulnerability in the Android media framework (libstagefright). Affected product: Android. Vulnerable component/file: Android’s media framework library libstagefright. Root cause: remote attacker could craft a file to trigger code execution...
CVE-2017-13280
CVE-2017-13280 affects the Android/libframesequence library, specifically the FrameSequence_gif function. The issue is an out-of-bounds read due to a missing bounds check, leading to a remote DoS without user interaction. Affected Android versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. The vul...
CVE-2017-13323
CVE-2017-13323 is a Google/Android elevation-of-privilege flaw caused by an out-of-bounds write in String16.cpp due to an integer overflow. The Red Hat and CNVD entries restate the issue; Android/Pixel bulletin notes this CVE as EoP (Moderate) and indicates patches are included in the 2018-05-05 ...
CVE-2018-9395
The CVE-2018-9395 issue affects the Mediatek WLAN driver (mtk_cfg80211_vendor_packet_keep_alive_start and mtk_cfg80211_vendor_set_config) in drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c. It describes a possible out-of-bounds write due to a missing bounds check, enabling local...
CVE-2018-9431
CVE-2018-9431 : The connected documents confirm a local elevation of privilege due to improper input validation in OSUInfo.java (OSUInfo component). The impact is described as local Privilege Escalation without user interaction. No exploit pathways, affected product versions, or fix/patch details...
CVE-2018-9466
CVE-2018-9466 : A vulnerability in libxml2’s valid.c xmlSnprintfElementContent can cause an out-of-bounds write, enabling remote escalation of privilege in an unprivileged process with user interaction required. Public details across sources confirm the issue’s presence in libxml2 and describe th...
CVE-2019-2047
CVE-2019-2047 is an Android vulnerability in the UpdateLoadElement path of the ic.cc file, caused by a type confusion that can trigger an out-of-bounds write. This could allow remote code execution in the proxy auto-config (PAC) context, with no required privileges and no user interaction. The we...
CVE-2019-2205
CVE-2019-2205 affects Android 8.0–10 and is caused by a use-after-free in ProxyResolverV8::SetPacScript (proxy_resolver_v8.cc), leading to memory corruption and remote code execution without user interaction. Exploitation is network-based (no privileges required) with high impact on confidentiali...
CVE-2019-9298
CVE-2019-9298 affects Android 10 in the Media Framework (libAACdec). A vulnerability in the library allows an out-of-bounds write caused by an integer overflow, potentially enabling remote code execution. Exploitation requires user interaction. The issue is categorized as RCE with impact to confi...
CVE-2019-9363
CVE-2019-9363 affects Android 10 Bluetooth and describes an out-of-bounds write caused by a missing bounds check. This could allow remote code execution with no privileges, requiring user interaction to exploit. Affected product/area: Android 10 Bluetooth stack. Root cause: improper bounds checki...
CVE-2021-0554
CVE-2021-0554 affects Android 11, where isBackupServiceActive in BackupManagerService.java lacks a required permission check, enabling local information disclosure without user interaction. Documented risk: local disclosure with no privileges beyond local access; attack complexity LOW. Remediatio...
CVE-2021-0976
CVE-2021-0976 concerns an out-of-bounds read in Android’s toBARK implementation (floor0.c). The root cause is a missing bounds check, enabling possible remote information disclosure with no execution privileges; exploitation requires user interaction. Affected software is Android 12 (Android ID A...
CVE-2021-0985
CVE-2021-0985 affects Android 12 via AlertReceiver.java (onReceive). A missing permission check could allow dismissing a system dialog, enabling local privilege escalation without extra execution privileges or user interaction. The Pixel bulletin lists this under Framework with updated AOSP patch...
CVE-2021-0991
CVE-2021-0991 affects Android 12 via the OnMetadataChangedListener in AdvancedBluetoothDetailsHeaderController.java, causing a log information disclosure that could leak Bluetooth MAC addresses. The root cause is information disclosure through verbose/loggable data, enabling local information dis...
CVE-2021-0995
The CVE-2021-0995 entry affects Android 12 and is tied to the WifiServiceImpl.registerSuggestionConnectionStatusListener function, enabling a side-channel information disclosure to infer whether an app is installed without query permissions. This results in local information disclosure with no ex...
CVE-2021-1001
CVE-2021-1001 describes a vulnerability in the Android Media/Video encoding path: In PVInitVideoEncoder of mp4enc_api.cpp, an out-of-bounds read caused by a heap buffer overflow can lead to local information disclosure without additional privileges or user interaction. Affected is Android 12; exp...