8153 matches found
CVE-2020-0499
The CVE-2020-0499 entry concerns FLAC:bitreader_read_rice_signed_block where a heap buffer overflow can cause an out-of-bounds read, enabling remote information disclosure in Android-11. Exploitation reportedly requires user interaction; impact is information disclosure with low/medium severity d...
CVE-2024-49747
CVE-2024-49747 affects Android via the Bluetooth stack: in function gatts_process_read_by_type_req within gatt_sr.cc, a logic error can cause an out-of-bounds write. This could enable remote code execution with no additional privileges and without user interaction. The available documents consist...
CVE-2017-3544
CVE-2017-3544 is a content spoofing vulnerability in the Networking component of Oracle/OpenJDK’s Java SE/Java SE Embedded/JRockit, specifically an SMTP newline-injection issue in the SMTP client. The connected documents establish that a remote attacker could exploit this via SMTP to manipulate S...
CVE-2022-20024
CVE-2022-20024 is a local elevation-of-privilege vulnerability affecting system services in the Android stack (notably MediaTek–ALPS06219064 reference). The root cause is a missing permission check in a system service, enabling local privilege escalation with no user interaction and low attack co...
CVE-2018-9517
CVE-2018-9517 pertains to the Linux kernel vulnerability described as a use-after-free in pppol2tp_connect, leading to memory corruption and local privilege escalation with SYSTEM privileges required on Android kernels. The connected Nessus entries (Unity Linux UTSA advisories and related plugins...
CVE-2018-9516
CVE-2018-9516 affects the Linux kernel HID subsystem: in hid_debug_events_read() of drivers/hid/hid-debug.c there is a possible out-of-bounds write due to missing bounds checks. This can enable local privilege escalation with system-level rights; no user interaction is required. The vulnerability...
CVE-2020-0419
CVE-2020-0419 involves Android’s PackageInstallerSession.java, where generateInfo can leak cross-profile URI data during app installation due to a missing permission check. The issue affects Android 8.1–11 and is described as local information disclosure with no authentication or user interaction...
CVE-2020-27068
CVE-2020-27068 is an Android kernel issue that also surfaces in upstream Linux kernel code. The Connected documents confirm concrete exposure in Linux-based environments: Unity Linux advisories UTSA-2026-004302/004038/001442 reference this CVE alongside kernel fixes for Unity Linux 20.1060e/20.10...
CVE-2022-20027
CVE-2022-20027 concerns the Bluetooth stack where a missing bounds check can cause an out-of-bounds write, leading to local elevation of privilege with no additional execution privileges or user interaction required. The vulnerability is associated with MediaTek Bluetooth components (per the Andr...
CVE-2019-9443
CVE-2019-9443 affects the Android kernel VL53L0 driver. The issue is an out-of-bounds write caused by a permissions bypass in the set_fs path, enabling local elevation of privilege without user interaction. Public exploitation details are not provided in the available documents. The vulnerability...
CVE-2022-20053
CVE-2022-20053 concerns MediaTek IMS service with a missing permission check that enables local privilege escalation. The issue is described as a local EoP without requiring user interaction or additional execution privileges. The vulnerability is associated with patch ID ALPS06219097 (Issue ID A...
CVE-2022-20422
CVE-2022-20422 is a race-condition memory corruption issue in armv8_deprecated.c (emulation_proc_handler) of the Linux kernel used by Android. It allows local privilege escalation without extra privileges or user interaction, via memory corruption. Connected documents corroborate the same descrip...
CVE-2023-20944
CVE-2023-20944 describes an elevation of privilege in Android due to unsafe deserialization in ChooseTypeAndAccountActivity.java. Affected software includes Android 10–13 (per security bulletin data). The underlying issue is a deserialization flaw in the specified activity that could enable a loc...
CVE-2021-39704
CVE-2021-39704 affects Android platforms (Android 10, 11, 12) and is tied to the NotificationManagerService.deleteNotificationChannelGroup. The issue enables a local elevation of privilege by bypassing a permission, allowing a foreground service to run without a user notification and without user...
CVE-2022-20369
CVE-2022-20369 : In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out-of-bounds write due to improper input validation, leading to local escalation of privileges with System execution privileges needed. User interaction is not required. Connected Astra Linux bulletin reiterates this de...
CVE-2023-20906
CVE-2023-20906 affects Android’s Framework component (PermissionManagerService.java). The vulnerability enables a silent privilege grant after a Target SDK update, constituting a local Elevation of Privilege (EoP) due to a permissions bypass. Exploitation requires local access with low privileges...
CVE-2024-49749
CVE-2024-49749 is a vulnerability in the DGifSlurp function of the GIF decoder in dgif_lib.c. It stems from an integer overflow that can trigger an out-of-bounds write, enabling remote code execution. Exploitation is described as possible without additional user interaction. Connected sources (Re...
CVE-2022-20048
CVE-2022-20048 affects MediaTek video decoder with a missing bounds check causing an out-of-bounds write and local privilege escalation without user interaction. MTK’s advisory (ALPS05917502) notes the patch, and other sources (NVD, Red Hat, CNVD, CVE listings) corroborate the description. The av...
CVE-2021-0561
CVE-2021-0561 is an out-of-bounds write in append_to_verify_fifo_interleaved_() of stream_encoder.c, enabling local information disclosure without extra privileges. The vulnerability is observed in FLAC libraries across multiple distros; no exploit details are provided in the documents. Remediati...
CVE-2023-21106
CVE-2023-21106 affects the Android kernel (Adreno GPU DRM driver). The issue is in the function adreno_set_param in adreno_gpu.c, where a double free can cause memory corruption, enabling local privilege escalation with no user interaction required.
CVE-2015-8956
CVE-2015-8956 detailed in connected sources: The Linux kernel’s rfcomm_sock_bind in net/bluetooth/rfcomm/sock.c, vulnerable before 4.2, may allow a local attacker to obtain sensitive information or cause a denial of service (NULL pointer dereference) via a bind system call on a Bluetooth RFCOMM s...
CVE-2019-9371
CVE-2019-9371 affects libvpx and is characterized by a resource-exhaustion denial of service due to improper input validation. The issue is linked to multiple package advisories and security bulletins across distributions (e.g., Debian DSA-4578-1, AlmaLinux libvpx security update, Fedora package ...
CVE-2020-6616
CVE-2020-6616 involves Broadcom BCM4361 Bluetooth RNG: a low-entropy PRNG is used where a Hardware RNG should be, enabling spoofing risks. Publicly documented impact references include Apple’s iOS 13.5/iPadOS 13.5 notes, which list CVE-2020-6616 under Bluetooth with a low-entropy PRNG issue, affe...
CVE-2021-0308
CVE-2021-0308: In ReadLogicalParts of basicmbr.cc there is a missing bounds check causing an out-of-bounds write. This could enable local escalation of privilege with no additional execution privileges and no user interaction. Affected products listed include Android versions 8.1–11 (Android-8.1,...
CVE-2022-20353
CVE-2022-20353 is an Android Media Framework issue affecting Android 10–12/12L, described as an information disclosure vulnerability in the onSaveRingtone path of DefaultRingtonePreference.java . The root cause is improper input validation leading to an inappropriate file read, enabling local inf...
CVE-2023-40129
CVE-2023-40129 describes a heap-based out-of-bounds write in the Bluetooth stack (build_read_multi_rsp in gatt_sr.cc) that enables remote code execution with no user interaction. The NVD entry and Android security documentation indicate an adjacent attack vector with high impact and a base CVSS v...
CVE-2021-39803
CVE-2021-39803 affects Android Media Framework (Media Codecs) with the vulnerable component C2AllocatorIon.cpp. The root cause is an out-of-bounds read caused by a use-after-free, leading to remote information disclosure without executing code, with user interaction required for exploitation. Imp...
CVE-2021-39708
CVE-2021-39708 affects Android 12 and is caused by an out-of-bounds write in gatt_process_notification (gatt_cl.cc) due to an incorrect bounds check, enabling remote elevation of privilege without user interaction. Multiple connected sources corroborate the issue and classify it as a critical EoP...
CVE-2021-39801
CVE-2021-39801 affects the Android kernel ion subsystem (ion-ioctl.c). The vulnerability is a use-after-free caused by improper locking in ion_ioctl, enabling local escalation of privilege with no additional privileges or user interaction required. Exploitation details are not provided beyond tho...
CVE-2021-39807
CVE-2021-39807 describes a local elevation-of-privilege flaw in Android’s SecureNfcEnabler.java (handleNfcStateChanged) that allows enabling NFC from a Guest account due to a missing permission check. Affected products/versions include Android 10, 11, 12, and 12L. The impact is local privilege es...
CVE-2015-6639
CVE-2015-6639 details: A privilege-escalation in the Widevine QSEE TrustZone app on Android 5.x (before 5.1.1 LMY49F) and 6.0 (before 2016‑01‑01) allows a crafted app with QSEECOM access to gain privileges. Root cause involves trustlet/TrustZone interaction enabling local escalation via the QSEE ...
CVE-2016-0801
CVE-2016-0801 affects Broadcom BCM43xx Wi‑Fi firmware used by Broadcom devices. The Debian/Mageia advisories describe memory corruption in Broadcom Wi‑Fi firmware/packets processing that could enable remote code execution, potentially leading to privilege escalation or data disclosure. Debian not...
CVE-2019-9451
CVE-2019-9451 affects the Android kernel touchscreen driver. The flaw is an out-of-bounds write caused by a missing bounds check, enabling local escalation of privilege with System execution privileges. Exploitation is not dependent on user interaction. The available documents do not specify a pa...
CVE-2017-7376
CVE-2017-7376 is described in the connected IBM bulletin as a buffer overflow in libxml2 that allows remote code execution by exploiting an incorrect limit for port values when handling redirects. The provided documents confirm the existence of this vulnerability and its impact on libxml2, but do...
CVE-2019-9461
CVE-2019-9461 affects the Android kernel VPN routing component. The issue enables a potential information disclosure by an adjacent-network attacker, with no additional execution privileges and no user interaction required. The vulnerability is listed under the Pixel/Android 2019-09-01 bulletin w...
CVE-2017-13194
CVE-2017-13194 affects libvpx used by the Android media framework. The root cause is incorrect validation of odd frame widths in libvpx, enabling denial of service and, in some advisories, potential arbitrary code execution. Affected environments include Android 7.x–8.x and various Linux distribu...
CVE-2019-2201
CVE-2019-2201: Out-of-bounds write in generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S can enable remote code execution in unprivileged Android processes (Android 8.0–10). Root cause is a missing bounds check in the NEON path; exploitation requires user interaction. Remediation: Android ...
CVE-2022-20114
CVE-2022-20114 affects Android (10–12, 12L) and is tied to a flaw in TelecomManager.java: the placeCall path can let an app keep itself running with foreground service importance, bypassing a permission and enabling local privilege escalation without extra execution privileges. The issue is class...
CVE-2022-20409
CVE-2022-20409 : The vulnerability exists in the Linux kernel’s io_uring.c, specifically in io_identity_cow, where a use-after-free can corrupt memory and enable local privilege escalation. The Android/Linux kernel context is affected (Android kernel and EulerOS advisories reference this CVE). Ex...
CVE-2019-9271
The CVE-2019-9271 issue is a race condition in the Android kernel MNH driver caused by insufficient locking, leading to a use-after-free and potential privilege escalation to System level. Affected component: MNH driver in Android kernel. Impact: elevation of privilege with partial/hardening impl...
CVE-2024-44092
CVE-2024-44092 describes a missing LCS signing enforcement caused by test/debugging code left in a production build, potentially enabling local privilege escalation without user interaction. Public materials in this set confirm impact on Google Pixel/Android components, with references in the Pix...
CVE-2021-39697
CVE-2021-39697 affects Android 11/12 via the DownloadProvider.java checkFileUriDestination path, where a missing permission check may bypass external storage private directories protection. This could allow local elevation of privilege with User-level privileges and no user interaction required. ...
CVE-2022-20004
CVE-2022-20004 is a local-elevation vulnerability in Android where checkSlicePermission in SliceManagerService.java can access any slice URI due to improper input validation. Affected: Android 10–12L (including 12L) per multiple sources. Impact: local privilege escalation with high severity (CVSS...
CVE-2021-39794
CVE-2021-39794 affects Android 11–12/12L, in the AdbService.java method broadcastPortInfo . The issue is a missing permission check that can allow apps to execute code as the shell user when wireless debugging is enabled, causing local elevation of privilege. Exploitation requires user interactio...
CVE-2020-0009
CVE-2020-0009 affects the Android kernel ashmem.c (calc_vm_may_flags): an insecure permissions bypass can allow an arbitrary write to shared memory, enabling local privilege escalation by corrupting inter-process memory. Exploitation is possible without user interaction, and no additional executi...
CVE-2022-20145
Android CVE-2022-20145 exposes VPN credentials via a downgrade in Vpn.java: startLegacyVpnPrivileged in Android 11, enabling remote privilege escalation when connected to a malicious Wi‑Fi AP and requiring no user interaction. Affected product: Android (Android-11) framework component; vulnerabil...
CVE-2022-20456
CVE-2022-20456 : In AutomaticZenRule.java, there is a vulnerability due to a failure to persist permissions settings caused by resource exhaustion, which could lead to local elevation of privilege with no additional execution privileges needed. Affected: Android 10–13 (Android-10, Android-11, And...
CVE-2022-20481
CVE-2022-20481 affects Android 10–13. The issue involves preserving WiFi settings due to residual data after a reset, enabling local information disclosure without extra execution privileges. Root cause: residual WiFi data in multiple files. Impact: confidentiality loss (high); no integrity/avail...
CVE-2023-21096
CVE-2023-21096: A use-after-free in OnWakelockReleased within attribution_processor.cc in Android can lead to remote code execution with no privileges and no user interaction. Public documentation identifies this as a critical RCE in the System component affecting Android 12, 12L, and 13, with pa...
CVE-2020-0256
CVE-2020-0256 is a vulnerability in the gdisk GPT disk utility. The issue is an out-of-bounds write in LoadPartitionTable of gpt.cc, caused by a missing bounds check, which could enable local escalation of privilege when inserting a malicious USB device. Affected software across multiple distribu...