8153 matches found
CVE-2023-35671
The vulnerability CVE-2023-35671 affects Android’s NFC subsystem via HostEmulationManager.java (onHostEmulationData). A logic error can allow a general-purpose NFC reader to read full card numbers and expiry data while the device is on the locked screen, enabling local information disclosure with...
CVE-2020-0213
CVE-2020-0213 affects Android Media Framework (ihevcd_fmt_conv_420sp_to_420sp_av8) and is caused by a heap buffer overflow leading to a possible out-of-bounds write. Impact: remote information disclosure with no execution privileges required, exploitable with user interaction. Affected products/v...
CVE-2017-3544
CVE-2017-3544 is a content spoofing vulnerability in the Networking component of Oracle/OpenJDK’s Java SE/Java SE Embedded/JRockit, specifically an SMTP newline-injection issue in the SMTP client. The connected documents establish that a remote attacker could exploit this via SMTP to manipulate S...
CVE-2022-20024
CVE-2022-20024 is a local elevation-of-privilege vulnerability affecting system services in the Android stack (notably MediaTek–ALPS06219064 reference). The root cause is a missing permission check in a system service, enabling local privilege escalation with no user interaction and low attack co...
CVE-2022-20027
CVE-2022-20027 concerns the Bluetooth stack where a missing bounds check can cause an out-of-bounds write, leading to local elevation of privilege with no additional execution privileges or user interaction required. The vulnerability is associated with MediaTek Bluetooth components (per the Andr...
CVE-2018-9517
CVE-2018-9517 pertains to the Linux kernel vulnerability described as a use-after-free in pppol2tp_connect, leading to memory corruption and local privilege escalation with SYSTEM privileges required on Android kernels. The connected Nessus entries (Unity Linux UTSA advisories and related plugins...
CVE-2020-27068
CVE-2020-27068 is an Android kernel issue that also surfaces in upstream Linux kernel code. The Connected documents confirm concrete exposure in Linux-based environments: Unity Linux advisories UTSA-2026-004302/004038/001442 reference this CVE alongside kernel fixes for Unity Linux 20.1060e/20.10...
CVE-2018-9516
CVE-2018-9516 affects the Linux kernel HID subsystem: in hid_debug_events_read() of drivers/hid/hid-debug.c there is a possible out-of-bounds write due to missing bounds checks. This can enable local privilege escalation with system-level rights; no user interaction is required. The vulnerability...
CVE-2020-0419
CVE-2020-0419 involves Android’s PackageInstallerSession.java, where generateInfo can leak cross-profile URI data during app installation due to a missing permission check. The issue affects Android 8.1–11 and is described as local information disclosure with no authentication or user interaction...
CVE-2022-20048
CVE-2022-20048 affects MediaTek video decoder with a missing bounds check causing an out-of-bounds write and local privilege escalation without user interaction. MTK’s advisory (ALPS05917502) notes the patch, and other sources (NVD, Red Hat, CNVD, CVE listings) corroborate the description. The av...
CVE-2023-20944
CVE-2023-20944 describes an elevation of privilege in Android due to unsafe deserialization in ChooseTypeAndAccountActivity.java. Affected software includes Android 10–13 (per security bulletin data). The underlying issue is a deserialization flaw in the specified activity that could enable a loc...
CVE-2022-20053
CVE-2022-20053 concerns MediaTek IMS service with a missing permission check that enables local privilege escalation. The issue is described as a local EoP without requiring user interaction or additional execution privileges. The vulnerability is associated with patch ID ALPS06219097 (Issue ID A...
CVE-2022-20369
CVE-2022-20369 : In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out-of-bounds write due to improper input validation, leading to local escalation of privileges with System execution privileges needed. User interaction is not required. Connected Astra Linux bulletin reiterates this de...
CVE-2024-49749
CVE-2024-49749 is a vulnerability in the DGifSlurp function of the GIF decoder in dgif_lib.c. It stems from an integer overflow that can trigger an out-of-bounds write, enabling remote code execution. Exploitation is described as possible without additional user interaction. Connected sources (Re...
CVE-2019-9443
CVE-2019-9443 affects the Android kernel VL53L0 driver. The issue is an out-of-bounds write caused by a permissions bypass in the set_fs path, enabling local elevation of privilege without user interaction. Public exploitation details are not provided in the available documents. The vulnerability...
CVE-2022-20422
CVE-2022-20422 is a race-condition memory corruption issue in armv8_deprecated.c (emulation_proc_handler) of the Linux kernel used by Android. It allows local privilege escalation without extra privileges or user interaction, via memory corruption. Connected documents corroborate the same descrip...
CVE-2021-39704
CVE-2021-39704 affects Android platforms (Android 10, 11, 12) and is tied to the NotificationManagerService.deleteNotificationChannelGroup. The issue enables a local elevation of privilege by bypassing a permission, allowing a foreground service to run without a user notification and without user...
CVE-2023-20906
CVE-2023-20906 affects Android’s Framework component (PermissionManagerService.java). The vulnerability enables a silent privilege grant after a Target SDK update, constituting a local Elevation of Privilege (EoP) due to a permissions bypass. Exploitation requires local access with low privileges...
CVE-2023-21106
CVE-2023-21106 affects the Android kernel (Adreno GPU DRM driver). The issue is in the function adreno_set_param in adreno_gpu.c, where a double free can cause memory corruption, enabling local privilege escalation with no user interaction required.
CVE-2015-8956
CVE-2015-8956 detailed in connected sources: The Linux kernel’s rfcomm_sock_bind in net/bluetooth/rfcomm/sock.c, vulnerable before 4.2, may allow a local attacker to obtain sensitive information or cause a denial of service (NULL pointer dereference) via a bind system call on a Bluetooth RFCOMM s...
CVE-2019-9371
CVE-2019-9371 affects libvpx and is characterized by a resource-exhaustion denial of service due to improper input validation. The issue is linked to multiple package advisories and security bulletins across distributions (e.g., Debian DSA-4578-1, AlmaLinux libvpx security update, Fedora package ...
CVE-2021-0308
CVE-2021-0308: In ReadLogicalParts of basicmbr.cc there is a missing bounds check causing an out-of-bounds write. This could enable local escalation of privilege with no additional execution privileges and no user interaction. Affected products listed include Android versions 8.1–11 (Android-8.1,...
CVE-2021-0561
CVE-2021-0561 is an out-of-bounds write in append_to_verify_fifo_interleaved_() of stream_encoder.c, enabling local information disclosure without extra privileges. The vulnerability is observed in FLAC libraries across multiple distros; no exploit details are provided in the documents. Remediati...
CVE-2020-6616
CVE-2020-6616 involves Broadcom BCM4361 Bluetooth RNG: a low-entropy PRNG is used where a Hardware RNG should be, enabling spoofing risks. Publicly documented impact references include Apple’s iOS 13.5/iPadOS 13.5 notes, which list CVE-2020-6616 under Bluetooth with a low-entropy PRNG issue, affe...
CVE-2023-40129
CVE-2023-40129 describes a heap-based out-of-bounds write in the Bluetooth stack (build_read_multi_rsp in gatt_sr.cc) that enables remote code execution with no user interaction. The NVD entry and Android security documentation indicate an adjacent attack vector with high impact and a base CVSS v...
CVE-2021-39807
CVE-2021-39807 describes a local elevation-of-privilege flaw in Android’s SecureNfcEnabler.java (handleNfcStateChanged) that allows enabling NFC from a Guest account due to a missing permission check. Affected products/versions include Android 10, 11, 12, and 12L. The impact is local privilege es...
CVE-2021-39801
CVE-2021-39801 affects the Android kernel ion subsystem (ion-ioctl.c). The vulnerability is a use-after-free caused by improper locking in ion_ioctl, enabling local escalation of privilege with no additional privileges or user interaction required. Exploitation details are not provided beyond tho...
CVE-2022-20353
CVE-2022-20353 is an Android Media Framework issue affecting Android 10–12/12L, described as an information disclosure vulnerability in the onSaveRingtone path of DefaultRingtonePreference.java . The root cause is improper input validation leading to an inappropriate file read, enabling local inf...
CVE-2015-6639
CVE-2015-6639 details: A privilege-escalation in the Widevine QSEE TrustZone app on Android 5.x (before 5.1.1 LMY49F) and 6.0 (before 2016‑01‑01) allows a crafted app with QSEECOM access to gain privileges. Root cause involves trustlet/TrustZone interaction enabling local escalation via the QSEE ...
CVE-2016-0801
CVE-2016-0801 affects Broadcom BCM43xx Wi‑Fi firmware used by Broadcom devices. The Debian/Mageia advisories describe memory corruption in Broadcom Wi‑Fi firmware/packets processing that could enable remote code execution, potentially leading to privilege escalation or data disclosure. Debian not...
CVE-2021-39803
CVE-2021-39803 affects Android Media Framework (Media Codecs) with the vulnerable component C2AllocatorIon.cpp. The root cause is an out-of-bounds read caused by a use-after-free, leading to remote information disclosure without executing code, with user interaction required for exploitation. Imp...
CVE-2017-7376
CVE-2017-7376 is described in the connected IBM bulletin as a buffer overflow in libxml2 that allows remote code execution by exploiting an incorrect limit for port values when handling redirects. The provided documents confirm the existence of this vulnerability and its impact on libxml2, but do...
CVE-2021-39708
CVE-2021-39708 affects Android 12 and is caused by an out-of-bounds write in gatt_process_notification (gatt_cl.cc) due to an incorrect bounds check, enabling remote elevation of privilege without user interaction. Multiple connected sources corroborate the issue and classify it as a critical EoP...
CVE-2019-9451
CVE-2019-9451 affects the Android kernel touchscreen driver. The flaw is an out-of-bounds write caused by a missing bounds check, enabling local escalation of privilege with System execution privileges. Exploitation is not dependent on user interaction. The available documents do not specify a pa...
CVE-2017-13194
CVE-2017-13194 affects libvpx used by the Android media framework. The root cause is incorrect validation of odd frame widths in libvpx, enabling denial of service and, in some advisories, potential arbitrary code execution. Affected environments include Android 7.x–8.x and various Linux distribu...
CVE-2019-2201
CVE-2019-2201: Out-of-bounds write in generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S can enable remote code execution in unprivileged Android processes (Android 8.0–10). Root cause is a missing bounds check in the NEON path; exploitation requires user interaction. Remediation: Android ...
CVE-2019-9461
CVE-2019-9461 affects the Android kernel VPN routing component. The issue enables a potential information disclosure by an adjacent-network attacker, with no additional execution privileges and no user interaction required. The vulnerability is listed under the Pixel/Android 2019-09-01 bulletin w...
CVE-2022-20114
CVE-2022-20114 affects Android (10–12, 12L) and is tied to a flaw in TelecomManager.java: the placeCall path can let an app keep itself running with foreground service importance, bypassing a permission and enabling local privilege escalation without extra execution privileges. The issue is class...
CVE-2022-20409
CVE-2022-20409 : The vulnerability exists in the Linux kernel’s io_uring.c, specifically in io_identity_cow, where a use-after-free can corrupt memory and enable local privilege escalation. The Android/Linux kernel context is affected (Android kernel and EulerOS advisories reference this CVE). Ex...
CVE-2024-44092
CVE-2024-44092 describes a missing LCS signing enforcement caused by test/debugging code left in a production build, potentially enabling local privilege escalation without user interaction. Public materials in this set confirm impact on Google Pixel/Android components, with references in the Pix...
CVE-2019-9271
The CVE-2019-9271 issue is a race condition in the Android kernel MNH driver caused by insufficient locking, leading to a use-after-free and potential privilege escalation to System level. Affected component: MNH driver in Android kernel. Impact: elevation of privilege with partial/hardening impl...
CVE-2021-39697
CVE-2021-39697 affects Android 11/12 via the DownloadProvider.java checkFileUriDestination path, where a missing permission check may bypass external storage private directories protection. This could allow local elevation of privilege with User-level privileges and no user interaction required. ...
CVE-2021-39794
CVE-2021-39794 affects Android 11–12/12L, in the AdbService.java method broadcastPortInfo . The issue is a missing permission check that can allow apps to execute code as the shell user when wireless debugging is enabled, causing local elevation of privilege. Exploitation requires user interactio...
CVE-2022-20004
CVE-2022-20004 is a local-elevation vulnerability in Android where checkSlicePermission in SliceManagerService.java can access any slice URI due to improper input validation. Affected: Android 10–12L (including 12L) per multiple sources. Impact: local privilege escalation with high severity (CVSS...
CVE-2022-20456
CVE-2022-20456 : In AutomaticZenRule.java, there is a vulnerability due to a failure to persist permissions settings caused by resource exhaustion, which could lead to local elevation of privilege with no additional execution privileges needed. Affected: Android 10–13 (Android-10, Android-11, And...
CVE-2023-21096
CVE-2023-21096: A use-after-free in OnWakelockReleased within attribution_processor.cc in Android can lead to remote code execution with no privileges and no user interaction. Public documentation identifies this as a critical RCE in the System component affecting Android 12, 12L, and 13, with pa...
CVE-2022-20481
CVE-2022-20481 affects Android 10–13. The issue involves preserving WiFi settings due to residual data after a reset, enabling local information disclosure without extra execution privileges. Root cause: residual WiFi data in multiple files. Impact: confidentiality loss (high); no integrity/avail...
CVE-2020-0009
CVE-2020-0009 affects the Android kernel ashmem.c (calc_vm_may_flags): an insecure permissions bypass can allow an arbitrary write to shared memory, enabling local privilege escalation by corrupting inter-process memory. Exploitation is possible without user interaction, and no additional executi...
CVE-2020-0256
CVE-2020-0256 is a vulnerability in the gdisk GPT disk utility. The issue is an out-of-bounds write in LoadPartitionTable of gpt.cc, caused by a missing bounds check, which could enable local escalation of privilege when inserting a malicious USB device. Affected software across multiple distribu...
CVE-2021-39624
CVE-2021-39624 affects Android PackageManager and can trigger a permanent DoS via resource exhaustion. The issue enables local DoS with user privileges, no user interaction required. Public details confirm impact on Android 10–12/12L (including Android-11, Android-12, Android-12L) with the strong...