8153 matches found
CVE-2023-20827
CVE-2023-20827 affects the ims service, where a race condition can cause memory corruption leading to local privilege escalation with SYSTEM rights. Exploitation does not require user interaction, and a patch is identified (ALPS07937105). The available sources consistently describe the issue as a...
CVE-2023-20839
CVE-2023-20839 affects the imgsys component. The root cause is an out-of-bounds read due to missing valid range checking, leading to local information disclosure with system execution privileges required and user interaction for exploitation. The vulnerability is documented across multiple source...
CVE-2023-20996
CVE-2023-20996 affects Android 13 (Pixel devices) and is described as a DoS via an input validation flaw that can trigger a persistent reboot loop. The vulnerability enables local denial of service with no user interaction required and requires user privileges. Public details confirm the issue is...
CVE-2023-21202
CVE-2023-21202 affects Android 13 Bluetooth stack as described in the Android CVE entry. The issue is located in the function btm_delete_stored_link_key_complete in btm_devctl.cc , where a missing bounds check can cause an out-of-bounds read. This can lead to local information disclosure over Blu...
CVE-2023-21205
CVE-2023-21205 is an Android 13 vulnerability affecting the function startWpsPinDisplayInternal in sta_iface.cpp, where unsafe deserialization can cause an out-of-bounds read. This leads to local information disclosure with no additional execution privileges required and does not require user int...
CVE-2023-21391
CVE-2023-21391 is documented in Android 14 release notes as a DoS affecting the System area, attributed to improper input validation in the Messaging context. The impact is remote denial of service without user interaction or elevated privileges, with a network-based attack vector (AV:N, PR:N, UI...
CVE-2024-20054
CVE-2024-20054 concerns a missing bounds check in the gnss component, enabling local privilege escalation with System execution privileges required and no user interaction. The vulnerability is associated with MediaTek/gnss implementations, with a patch identified as ALPS08580200 (Issue ID: ALPS0...
CVE-2024-20060
The CVE-2024-20060 entry concerns MediaTek devices with a vulnerability in the da module causing privilege escalation due to an incorrect status check. Impact is local privilege escalation with System execution privileges required, and exploitation does not require user interaction (per multiple ...
CVE-2024-49740
CVE-2024-49740 affects Google Android and is described as a DoS condition caused by a crash loop from resource exhaustion in multiple locations. Exploitation requires no user interaction and does not need additional privileges (local impact). The Android security bulletin notes patch levels 2025-...
CVE-2025-0074
The CVE-2025-0074 issue affects Google Android’s sdp_discovery.cc (process_service_attr_rsp) where a use-after-free leads to remote code execution with network access and no user interaction. This is categorized as a critical RCE in Android 15 per the 2025-03-01 bulletin, with patch levels 2025-0...
CVE-2025-0082
CVE-2025-0082 describes an information disclosure in Google Android involving StatusHint.java and TelecomServiceImpl.java. The root cause is a confused deputy that could allow an attacker to reveal images across users, resulting in local information disclosure without extra execution privileges. ...
CVE-2025-20653
CVE-2025-20653 corresponds to a MediaTek chipset issue described as an out-of-bounds read caused by an integer overflow. The vulnerability could enable local information disclosure with a high impact on confidentiality, integrity, and availability, requiring physical access to the device and user...
CVE-2010-4804
CVE-2010-4804 affects Android’s built-in browser prior to 2.3.4, enabling remote attackers to read SD card contents via crafted content:// URIs. Root cause involves BrowserActivity.java and BrowserSettings.java in com/android/browser/. The connected sources confirm affected version range and the ...
CVE-2015-1541
CVE-2015-1541 affects Android before version 5.1.1 (LMY48I). The issue resides in AppWidgetServiceImpl in Settings, where an application can obtain a URI permission by sending an Intent with FLAG_GRANT_READ_URI_PERMISSION or FLAG_GRANT_WRITE_URI_PERMISSION. This bypasses intended restrictions and...
CVE-2015-3826
The CVE-2015-3826 issue affects Android’s media stack in libstagefright (MPEG4Extractor.cpp) where MPEG4Extractor::parse3GPPMetaData does not enforce a minimum size for UTF-16 BOM strings. This can enable a remote attacker to trigger a crash in mediaserver via crafted 3GPP metadata (integer under...
CVE-2015-3874
CVE-2015-3874 affects the Sonivox components in Android prior to 5.1.1 LMY48T, allowing remote attackers to execute arbitrary code or cause memory corruption via a crafted media file. The issue is listed in the Android 2015-10-01 bulletin as a remote-code-execution vulnerability in mediaserver-re...
CVE-2015-5573
CVE-2015-5573 is a Type Confusion vulnerability affecting Adobe Flash Player prior to 18.0.0.241 and 19.x prior to 19.0.0.185 on Windows/macOS, and prior to 11.2.202.521 on Linux, plus affected AIR/SDK components. The root cause is a type confusion error that could allow an attacker to execute ar...
CVE-2016-10275
CVE-2016-10275 is an elevation-of-privilege vulnerability in the Qualcomm bootloader that could allow a local malicious Android app to execute arbitrary code in the kernel context. Public documentation ties this to Qualcomm bootloader flaws and Android patch coverage. The Android May 2017 bulleti...
CVE-2017-0392
CVE-2017-0392 is a denial-of-service flaw in Android’s Mediaserver, specifically VBRISeeker.cpp in libstagefright. A crafted media file can cause a device hang or reboot via Mediaserver. Affected products/versions include Android 4.4.4–7.1.1. Public details describe the vulnerability’s root cause...
CVE-2017-0429
CVE-2017-0429 is an elevation-of-privilege vulnerability in the NVIDIA kernel driver’s i2c-hid component, enabling a local attacker to write arbitrary values to kernel memory and potentially execute code with kernel privileges. Public descriptions tie the issue to the NVIDIA kernel driver on Andr...
CVE-2017-0433
CVE-2017-0433 is an elevation-of-privilege flaw in the Synaptics touchscreen driver for Android, tied to the Kernel-3.10 platform. The vulnerability could allow a local, privileged attacker to execute arbitrary code within the touchscreen chipset context. Several connected sources (including NVD ...
CVE-2017-0467
CVE-2017-0467 describes a remote code execution vulnerability in Android’s Mediaserver. An attacker could exploit memory corruption during media file and data processing by using a specially crafted file, enabling code execution within the Mediaserver process. Affected versions are Android 6.0–7....
CVE-2017-0745
CVE-2017-0745 is a remote code execution vulnerability in the Android media framework, specifically the avc decoder. Affected Android versions include 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, and 7.1.2. The connected documents consistently describe the issue as a media-framework fault enablin...
CVE-2017-13316
CVE-2017-13316 affects the Android RecognitionService.java: a missing permission check in checkPermissions could allow a local attacker to bypass permissions and escalate privileges without extra execution privileges or user interaction. The Red Hat and NVD/NVD-derived entries confirm the same de...
CVE-2017-8259
CVE-2017-8259 is a buffer overflow in Qualcomm CAF Android/Linux kernel service locator. Root cause: a buffer size variable is not used to indicate the actual buffer size. Documented impact is high severity with local code execution possibilities, requiring user interaction (CVSS3: HIGH, LOCAL, U...
CVE-2017-9681
In CVE-2017-9681, the issue affects Android devices using the Linux kernel in Qualcomm MSM/CAF builds (including Firefox OS for MSM and QRD Android). The vulnerability arises when a user-supplied kernel memory address is passed from userspace through the iris_vidioc_s_ext_ctrls ioctl, causing the...
CVE-2018-6240
CVE-2018-6240 affects NVIDIA Tegra BootRom. A local attacker with kernel privileges can write an arbitrary value to an arbitrary physical address, enabling escalation of privileges. Connected NVIDIA advisories confirm this vulnerability and map fixes to specific Jetson/Linux-for-Tegra releases: T...
CVE-2018-6267
CVE-2018-6267 affects NVIDIA’s Tegra OpenMax driver (libnvomx): a missing/incorrect validation of input can affect control or data flow, potentially enabling DoS or elevation of privilege. Public NVIDIA bulletins confirm this CVE is addressed as part of Jetson TX1/TX2 L4T updates; remediation inv...
CVE-2018-9407
CVE-2018-9407 : In emmc_rpmb_ioctl of emmc_rpmb.c there is a Missing Bounds Check, leading to potential information disclosure of kernel data. Connected sources confirm this issue on Google Pixel devices and reference the Android Pixel/Nexus security bulletin, which states that patch levels of 20...
CVE-2018-9418
CVE-2018-9418 involves a possible stack buffer overflow in the Android kernel/user-space component described as dtif_rc.cc:handle_app_cur_val_response, caused by a missing bounds check. The Red Hat/NVD/CVE records align with the Android Pixel/Nexus security bulletin noting this issue as a Remote ...
CVE-2018-9488
CVE-2018-9488 is an Android local‑privilege-escalation vulnerability rooted in SELinux permissions for crash_dump.te, allowing an unprivileged user to escalate to System via a multi-stage chain (zygote → crash_dump → vold → init/kernel). Publicly linked PoCs and analyses describe how an attacker ...
CVE-2019-2029
CVE-2019-2029 is a real Android vulnerability affecting Bluetooth handling in tm_ble.c (btm_proc_smp_cback), described as memory corruption via use-after-free that could enable remote code execution with no extra privileges and requires user interaction to exploit. The issue impacts Android versi...
CVE-2019-2043
CVE-2019-2043 describes a local elevation-of-privilege in Android’s SmsDefaultDialog.onStart due to an overlay attack. The vulnerability could allow a malicious local app to gain privileges without extra user consent, with user interaction required for exploitation and impact on Android 7.0–9. Th...
CVE-2019-2059
CVE-2019-2059 affects Android 10 in the libxaac library, where a missing bounds check can cause an out-of-bounds write. This vulnerability could enable remote code execution with user interaction required. The issue is documented across multiple sources (e.g., NVD and Red Hat advisories) with And...
CVE-2019-2119
CVE-2019-2119 affects Android: multiple functions in key_store_service.cpp allow local information disclosure due to improper locking. Impact is disclosure of protected data with no extra privileges and no user interaction required. Affected versions (from discussed entries): Android 8.0, 8.1, an...
CVE-2019-2213
CVE-2019-2213 : A race in binder_free_transaction in binder.c can cause a use-after-free, enabling local privilege escalation without extra privileges. Exploitation is described as LOCAL with no user interaction and relies on the Android kernel’s binder subsystem; it references upstream kernel fi...
CVE-2019-9237
CVE-2019-9237 describes a Bluetooth out-of-bounds read in Android 10 due to a missing bounds check, enabling potential remote information disclosure. Exploitation requires user interaction, and the issue does not require elevated privileges beyond what the user already has. Affected product is An...
CVE-2019-9257
CVE-2019-9257 affects Android 10 Bluetooth stack. The flaw is an out-of-bounds write caused by an integer overflow in Bluetooth, enabling local escalation of privilege with no user interaction required. Affected component: Bluetooth handling in Android 10; impact is local attacker privilege escal...
CVE-2019-9306
CVE-2019-9306 affects Android 10 Media Framework, specifically the libMpegTPDec component, where an out-of-bounds write caused by an integer overflow could enable remote code execution with user interaction. The issue is documented across multiple sources (NVD/Red Hat/PRION) with the Android bull...
CVE-2019-9337
CVE-2019-9337 affects Android 10 via the libavc component, causing information disclosure from uninitialized data. Impact: remote information disclosure without additional execution privileges, with user interaction required for exploitation. Root cause: uninitialized data in libavc. Affected pro...
CVE-2019-9370
Summary: CVE-2019-9370 affects the Android 10 platform’s sonivox component, where an out-of-bounds read occurs due to an incorrect bounds check. This can lead to remote information disclosure, with no additional execution privileges required, and requires user interaction to exploit. The issue is...
CVE-2019-9380
CVE-2019-9380 affects Android 10, specifically a spoofing vulnerability in the Settings UI due to a missing permission check in the Framework. The underlying issue could allow a user to inadvertently change permission settings without additional execution privileges. Exploitation requires user in...
CVE-2019-9408
CVE-2019-9408 affects Android 10 via the libavc component in the Media Framework. Root cause: uninitialized data in libavc can lead to information disclosure. Impact: remote information disclosure without full execution privileges; CVSS notes show confidentiality impact (PARTIAL to HIGH) dependin...
CVE-2019-9413
Summary (CVE-2019-9413) : A Bluetooth component in Android 10 contains an out-of-bounds read due to a missing bounds check, enabling remote information disclosure without extra privileges or user interaction. It is documented with CVSS vectors: CVSS v2 base score 5.0 (Medium) and CVSS v3.1 base s...
CVE-2019-9422
CVE-2019-9422 affects the Android 10 Bluetooth stack, where an out-of-bounds read due to a missing bounds check could lead to remote information disclosure without user interaction. The entry can be exploited over the network (per CVSS). The vulnerability is addressed in the Android 10 security r...
CVE-2020-0056
CVE-2020-0056 is an Android 10 vulnerability affecting the btu_hcif_connection_comp_evt function in btu_hcif.cc, where a missing bounds check can trigger an out-of-bounds read. This may lead to local information disclosure without requiring privileges or user interaction. The issue is documented ...
CVE-2020-0057
CVE-2020-0057 affects Android 10, in btm_process_inq_results (btm_inq.cc) where a missing bounds check enables an out-of-bounds read that can disclose information locally without user interaction or additional privileges. Public documentation indicates mitigation via the March 2020 Android securi...
CVE-2020-0295
CVE-2020-0295 affects Android 11’s Telecom stack, where an unsafe PendingIntent allows a permission bypass leading to local information disclosure with user-execution privileges required. Exploitation is listed as local and does not require user interaction, with the impact stated as partial conf...
CVE-2020-13833
CVE-2020-13833 affects Samsung mobile devices running O(8.x), P(9.0), and Q(10.0). The issue enables arbitrary file overwrites in the system area via a symlink attack. The root cause is a symlink-based overwrite vulnerability in the system area, leading to potential integrity impact (unauthorized...
CVE-2020-28341
The CVE-2020-28341 entry concerns Samsung mobile devices running Q(10.0) on Exynos990 chips, where the S3K250AF Secure Element CC EAL 5+ chip is affected. The underlying issue is a buffer overflow in the Secure Element component, leading to arbitrary code execution and leakage of sensitive inform...