8153 matches found
CVE-2023-21172
CVE-2023-21172 affects Android 13 where the WifiCallingSettings.java functions allow changing calling preferences for the admin user due to a permissions bypass. This enables local elevation of privilege with no extra execution privileges needed and requires no user interaction to exploit. No spe...
CVE-2023-21326
Summary of CVE-2023-21326 : This Android vulnerability affects the Package Manager Service and allows a local attacker to determine whether an app is installed without query permissions, via a side-channel information disclosure. The impact is information disclosure (confidentiality) with no user...
CVE-2023-21384
CVE-2023-21384 : Affected software is the Android Package Manager. The issue is an information-disclosure vulnerability caused by an unsafe PendingIntent, enabling local information disclosure with low-privilege access. Exploitation requires no user interaction but attacker must have local access...
CVE-2023-52347
The collected details indicate a vulnerability in the ril service where a missing bounds check can cause an out-of-bounds write, leading to local denial of service with System execution privileges. Affected software: ril service (UNISOC/Unisoc-derived platforms referenced in multiple reports). Ro...
CVE-2024-20029
CVE-2024-20029 concerns the wlan firmware with a vulnerability described as an out-of-bounds write caused by improper input validation. The underlying issue can lead to a local escalation of privilege with System execution privileges, and exploitation does not require user interaction. The availa...
CVE-2024-20107
CVE-2024-20107 affects MediaTek MT8676 Da component (MediaTek chipsets). It describes an out-of-bounds read due to a missing bounds check, causing local information disclosure without privileges or user interaction. Patch ALPS09124360/Issue MSV-1823 is referenced in multiple sources (NVD/Red Hat)...
CVE-2024-20116
CVE-2024-20116 affects the cmdq component in MediaTek chipsets. The vulnerability is a possible out-of-bounds read caused by a missing bounds check, leading to local information disclosure with system execution privileges required. The issue does not require user interaction. Public references li...
CVE-2024-39435
CVE-2024-39435 affects the Logmanager service. The root cause is a missing verification/input validation in the service, enabling local escalation of privilege without additional execution privileges. The available sources do not specify affected products/vendors beyond the Logmanager service, no...
CVE-2025-20638
CVE-2025-20638 concerns MediaTek chipsets where the DA module exposes a read of uninitialized heap data, enabling local information disclosure. Root cause: uninitialized data in the DA module. Impact: potential leakage of heap contents if an attacker gains physical access; exploitation requires u...
CVE-2025-20652
CVE-2025-20652 describes a potential out-of-bounds read in V5 DA caused by a missing bounds check, leading to local information disclosure. Exploitation requires physical access to the device and does not require prior execution privileges, with user interaction needed for exploitation. A patch i...
CVE-2025-20660
CVE-2025-20660 : In PlayReady TA, a missing bounds check enables an out-of-bounds read that can lead to local privilege escalation when the attacker already has System privileges. The issue does not require user interaction. A patch is available (Patch ID: DTV04436357; MSV-3186). Exploitation sta...
CVE-2009-2999
The CVE-2009-2999 entry affects Android 1.5 CRBxx: remote attackers can cause a DoS (application restart and network disconnection) by sending a malformed WAP Push SMS, triggering an ArrayIndexOutOfBoundsException in com.android.phone. Connected sources confirm a Malformed SMS DoS with fixed vers...
CVE-2011-2357
CVE-2011-2357 describes a cross-application scripting flaw in Android’s Browser URL loading, enabling a non-privileged app to inject JavaScript into arbitrary domains and break sandboxing. The vulnerability has two exploitation vectors: (1) exhausting MAX_TABS and loading a target URL followed by...
CVE-2014-0997
CVE-2014-0997 affects Android devices using WiFiMonitor handling for Wi-Fi Direct. A crafted 802.11 Probe Response frame can trigger an uncaught IllegalArgumentException in WifiMonitor/WifiP2pDevice, causing the Dalvik subsystem to reboot and resulting in a denial of service. Vulnerable on severa...
CVE-2014-6060
CVE-2014-6060 describes a denial-of-service condition in the DHCP client dhcpcd. Affected versions are 4.0.0 through 6.x (before 6.4.3). The root cause is a vulnerability in how a remote DHCP server can reset the DHO_OPTIONSOVERLOADED option in the bootfile or servername DHCP option, triggering t...
CVE-2014-9801
CVE-2014-9801 concerns Android components on Nexus 5 (Qualcomm) where multiple integer overflows in lib/libfdt/fdt_rw.c can be triggered by a crafted application to gain privileges. The issue is described as an Android internal bug 28822060 and a Qualcomm internal bug CR705078, affecting Qualcomm...
CVE-2015-1539
The CVE-2015-1539 issue is a remote-code-execution vulnerability in Android’s libstagefright, caused by integer underflows in ESDS::parseESDescriptor during MP4 atom processing. It affects Android releases prior to 5.1.1 LMY48I; the Android bulletins (e.g., Nexus/Android security bulletin) note t...
CVE-2015-3827
Android Stagefright: CVE-2015-3827 is a vulnerability in libstagefright’s MPEG4 covr handling. The MPEG4Extractor::parseChunk path does not validate the relationship between chunk sizes and skip sizes, causing an integer underflow that can lead to remote code execution or memory corruption via cr...
CVE-2015-3828
CVE-2015-3828 affects Android’s libstagefright MPEG4Extractor.cpp, where MPEG4Extractor::parse3GPPMetaData does not enforce a minimum size for UTF-16 strings containing a BOM. This can enable a remote attacker to execute arbitrary code or cause a denial of service (integer underflow and memory co...
CVE-2015-3839
CVE-2015-3839 affects Android 5.1.1 and earlier. The vulnerability lies in the updateMessageStatus function, where a local user can trigger a NULL pointer dereference, causing a denial of service (process crash). The issue is documented across sources as a local-exploit scenario with no remote ac...
CVE-2016-0834
CVE-2016-0834 affects Android 6.x mediaserver with an unspecified media codec vulnerability that allows remote code execution or memory corruption via a crafted media file (internal bug 26220548). The NVD entry notes a CVSSv3 base score of 8.4 (HIGH) with local attack vector, no privileges, and n...
CVE-2016-2475
CVE-2016-2475 refers to an input validation vulnerability in the Broadcom Wi‑Fi driver that, on Android devices, could enable a local attacker to gain privileges for certain system calls via a crafted application. The issue affects Nexus devices (Nexus 5, 6, 6P, 7 (2013), 9, Nexus Player, Pixel C...
CVE-2016-3861
CVE-2016-3861 involves LibUtils on Android (4.x up to 4.4.4; 5.x; 6.x up to 2016-09-01; 7.0 before 2016-09-01) where conversions between Unicode encodings of different widths are mishandled, allowing remote code execution or a heap-based buffer overflow via a crafted file. Exploitation is evidenc...
CVE-2016-8462
CVE-2016-8462 is an information-disclosure vulnerability in the Android bootloader that could allow a local attacker to access data outside the attacker’s permission level. Connected sources confirm affected devices include Pixel and Pixel XL, with patch guidance in the Android security bulletin ...
CVE-2017-0394
CVE-2017-0394 is a denial-of-service vulnerability in Android’s Telephony, allowing a remote attacker to cause a device hang or reboot. Affected are Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, and 7.1.1. The initial records do not provide exploit details or a confirmed root-cause description ...
CVE-2017-0407
CVE-2017-0407 describes a remote code execution vulnerability in Android’s Mediaserver affecting the libhevc library. The issue can be triggered by processing a specially crafted media file, leading to memory corruption within the Mediaserver process. Affected products/versions are Android 6.0–7....
CVE-2017-0414
CVE-2017-0414 refers to an information-disclosure vulnerability in AOSP Messaging on Android (versions 6.0, 6.0.1, 7.0, 7.1.1). The issue allows a local malicious application to bypass OS protections that isolate app data, potentially accessing data the app should not access. The connected docume...
CVE-2017-0449
CVE-2017-0449 describes an elevation-of-privilege in the Broadcom Wi‑Fi driver for Android devices using the 3.10 kernel (e.g., Nexus 6P/Nexus 6). A local, privileged process could be exploited by a malicious user/application to execute arbitrary code in the kernel context. The CNVD entry corrobo...
CVE-2017-0493
CVE-2017-0493 is an information-disclosure vulnerability in Android’s File-Based Encryption that could allow a local attacker to bypass lock-screen protections. Affected products/versions (from sources): Android 7.0 and 7.1.1. Root cause: information disclosure within File-Based Encryption (no fu...
CVE-2017-0616
CVE-2017-0616 describes an elevation of privilege in the MediaTek system management interrupt driver that could allow a local malicious Android app to execute arbitrary code in the kernel context. Affected product: Android. Impact is rated High, because exploitation requires first compromising a ...
CVE-2017-0640
CVE-2017-0640 corresponds to a remote DoS in Android’s Media framework/Mediaserver. A specially crafted media file can cause a device hang or reboot. Affected: Android 6.0–7.1.1. Root cause: DoS in media processing within Mediaserver. Exploitation status not detailed in the provided documents. Re...
CVE-2017-0664
CVE-2017-0664 affects Android’s Framework with an elevation of privilege vulnerability. Affected: Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 (Android ID A-36491278). Description in connected Nessus entry confirms the issue is an EoP in the Framework and notes there is no vendor-...
CVE-2017-0738
CVE-2017-0738 is an information-disclosure vulnerability in Android’s media framework audioserver affecting Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, and 7.1.2. The connected documents identify the issue as a flaw in audioserver that can lead to leakage of sensitive informatio...
CVE-2017-0740
CVE-2017-0740 is a remote code execution vulnerability in the Broadcom networking driver for Android, affecting the Android kernel. The connected sources describe the issue as a Broadcom Networking driver RCE in Android 7.1.2 and earlier, with Android Bug ID A-37168488 and reference B-RB#116402. ...
CVE-2017-0758
CVE-2017-0758 is a remote code execution vulnerability in Android’s media framework (libhevc) affecting Android 5.0.2–7.1.2. The media decoding library is the vulnerable surface; exploitation would require user interaction, with a valid crafted file likely enabling code execution in a privileged ...
CVE-2017-0769
CVE-2017-0769 is an Elevation of Privilege flaw in Android's media framework (libstagefright), affecting Android 7.0, 7.1.1, 7.1.2, and 8.0. The NVD entry lists it as a Local EoP with UI interaction required and high impact (C/H/I/A = High). Publicly disclosed details are limited to the affected ...
CVE-2017-0770
CVE-2017-0770 is an elevation of privilege in Android's media framework (libmediaplayerservice) affecting Android versions 4.4.4–8.0. The entry provides the vulnerable component and affected versions, plus CVSS scores (high severity). No exploit status is listed in the provided documents; the And...
CVE-2017-0814
CVE-2017-0814 is an information-disclosure vulnerability in the Android media framework. The Pixel/Nexus bulletin lists this CVE under the Media framework component with a mitigation path via security patches at the 2017-10-05 patch level, addressing devices updated to Android 7.0, 7.1.1, 7.1.2, ...
CVE-2017-11042
CVE-2017-11042 affects Android for MSM, Firefox OS for MSM, and QRD Android builds with CAF Linux kernel, where ImsService and IQtiImsExt AIDL APIs lack access control. Root cause: insufficient access restrictions on these ImsService interfaces. Exploitation would be local (CVSS2/3 reflect LOCAL,...
CVE-2017-11061
CVE-2017-11061 describes a buffer over-read in the Qualcomm WLAN stack used by Android for MSM, Firefox OS for MSM, and QRD Android, across CAF Linux kernel-based Android releases. The issue occurs while processing the cfg80211 vendor sub-command QCA_NL80211_VENDOR_SUBCMD_ROAM, potentially allowi...
CVE-2017-13180
CVE-2017-13180 affects the Android Media Framework (SoftAVCDec) where a bad header can cause a loop, enabling a use-after-free that leads to an out-of-bounds write. This can result in local privilege elevation with code execution in a privileged process, without user interaction. The vulnerabilit...
CVE-2017-13196
CVE-2017-13196 affects Android’s Media Framework, caused by a dead loop in ihevcd_decode.c when processing incomplete frames. This can lead to memory leaks and a remote denial of service of a critical system process, without user interaction. Affected Android versions include 5.1.1, 6.0, 6.0.1, 7...
CVE-2017-13197
CVE-2017-13197 affects Android’s Media Framework (family of code using ihevcd_parse_slice.c). The vulnerability arises because slave threads are not joined when an error occurs, leading to a remote denial of service of a critical system process without extra privileges or user interaction. Affect...
CVE-2017-15851
CVE-2017-15851 affects Qualcomm Camerav2 in Android for MSM (Linux kernel CAF-based) due to a lack of copy_from_user and an information leak in msm_ois_subdev_do_ioctl, causing a camera crash across Android releases. The issue is documented in the Pixel/Nexus bulletin under Camerav2 (CVE-2017-158...
CVE-2017-6247
CVE-2017-6247 affects the NVIDIA Tegra kernel audio driver (Audio DSP). A vulnerability in the driver allows an attacker to copy an invalid user parameter without proper input size checking, potentially leading to denial of service or privilege escalation to the kernel. Impact is described as loc...
CVE-2017-8235
CVE-2017-8235 is listed in Qualcomm component notes as an Elevation of Privilege affecting the Camera driver. The description from the initial document states that in CAF Android releases, a memory structure in a camera driver is not properly protected. The connected Android bulletin entries conf...
CVE-2017-8240
CVE-2017-8240 is described as an off-by-one kernel driver over-read in CAF Android releases using the Linux kernel. Connected Nessus advisories for Unity Linux 20.1050e/20.1060e/20.1070e reference UTSA advisories (UTSA-2026-001627, UTSA-2026-003309, UTSA-2026-002623) noting a security update addr...
CVE-2017-8246
CVE-2017-8246 concerns the Android CAF ALSA PCM Playback Kernel Module. In msm_pcm_playback_close(), prtd is assigned from substream->runtime->private_data and later freed, but not sanitized to NULL; this creates a dangling pointer. Other code paths (e.g., msm_pcm_volume_ctl_put()) check fo...
CVE-2018-21072
CVE-2018-21072 affects Samsung mobile devices running M(6.0), N(7.x) and O(8.0) on Exynos chipsets. A kernel driver flaw enables out-of-bounds read/write and may allow arbitrary code execution (Samsung ID SVE-2018-11358). The connected documents confirm the vulnerability class and impact but do n...
CVE-2018-9338
CVE-2018-9338 is an Android Framework vulnerability described in multiple sources as an out-of-bounds write in ResStringPool::setTo (ResourceTypes.cpp) caused by a missing bounds check. The issue can lead to local escalation of privilege with no user interaction required. Affected component is wi...