8153 matches found
CVE-2017-0802
CVE-2017-0802 is described in connected sources as a local elevation-of-privilege vulnerability in the MediaTek kernel used by Android. The MTK component table lists CVE-2017-0802 with type EoP and impact in the Kernel, indicating a privilege escalation path, but the documents do not provide conc...
CVE-2017-0803
CVE-2017-0803 is an elevation-of-privilege vulnerability in the MediaTek accessory detector driver used by Android. The issue affects the Android kernel via the Accessory detector driver component, enabling local privilege escalation in affected devices. The NVD entry lists a base CVSS v2 of 6.8 ...
CVE-2017-0840
CVE-2017-0840 is an information-disclosure vulnerability in Android’s media framework (libstagefright). Affected products/versions include Android 5.0.2–8.0 (5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0). The issue is classified as Information Disclosure (Media framework) with High impact per...
CVE-2017-0855
CVE-2017-0855 affects Android’s Media Framework in MPEG4Extractor.cpp, where several paths return early without cleaning up internal buffers, leading to memory leaks. The impact is remote denial of service of a privileged process without extra privileges or user interaction. Affected Android vers...
CVE-2017-11052
CVE-2017-11052 affects Android components built on CAF Linux kernel, specifically when processing a crafted QCA_NL80211_VENDOR_SUBCMD_NDP vendor command in Android for MSM, Firefox OS for MSM, and QRD Android. The vulnerability is a buffer over-read in the cfg80211 vendor command handler, leading...
CVE-2017-13178
CVE-2017-13178 affects Android Media Framework (SoftAVCDec). In initDecoder, a use-after-free can cause an out-of-bounds write to mCodecCtx when buffer allocation fails, enabling remote code execution in a privileged process without user interaction. Affected Android versions: 6.0.1, 7.0, 7.1.1, ...
CVE-2017-13254
CVE-2017-13254 is a DoS vulnerability in the Android media framework (AACExtractor). Affected products/versions include Android 6.0–8.1 (Android 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1). The issue is documented under the Media Framework category in the March 2018 Pixel/Nexus bulletin with a high ...
CVE-2017-13314
CVE-2017-13314 affects Android by with a missing permission check in NetworkManagementService.setAllowOnlyVpnForUids, enabling local escalation of privilege to access non-VPN networks when VPN-only access is intended. The issue is described as a security settings bypass in NetworkManagementServic...
CVE-2017-14881
CVE-2017-14881 describes a use-after-free in the IPA IOCTL handler (IPA_IOC_ADD_HDR_PROC_CTX) on Android for MSM/Firefox OS for MSM/QRD Android prior to 2017-10-13. The vulnerability is in the ipa driver (Qualcomm) and is categorized in the Android Pixel bulletin as an Elevation of Privilege issu...
CVE-2017-18694
CVE-2017-18694 affects Samsung mobile devices with Exynos5 software up to 2016-10-25. Root cause: an incorrect format specifier in the logging path allows reading kernel addresses from logs, enabling information disclosure. Impact per sources: kernel addresses disclosed; no exploitation details p...
CVE-2017-8236
CVE-2017-8236 is a buffer overflow vulnerability in an IPA driver present in CAF Android builds using the Linux kernel. Affected component: IPA driver; Root cause: buffer overflow. Potential impact per CVSS3 metrics is HIGH for confidentiality, integrity, and availability, with LOCAL exploitabili...
CVE-2017-8266
CVE-2017-8266 describes a race condition in the Qualcomm video driver used in CAF Android/Linux kernel variants, potentially leading to a use-after-free. Affected component: video driver within Qualcomm/CAF/Linux kernel stack. Impact details in the CVE notes indicate a partial impact on confident...
CVE-2017-9702
CVE-2017-9702 describes a vulnerability in Android variants (MSM, CAF Linux kernels) where a user-space pointer is directly accessed in a camera driver. This is a local, low-attack-surface issue with a high impact on confidentiality, integrity, and availability (per CVSS3; base score 7.8) and is ...
CVE-2018-5841
CVE-2018-5841 affects Qualcomm DCC (display/graphics driver) within Android CAF releases. The root cause is that dcc_curr_list is initialized to a default invalid value, which is intended to be programmed via a sysfs node; this could allow an elevation of privilege (EoP) when the value is imprope...
CVE-2018-9348
CVE-2018-9348 : The Red Hat/NVD entries describe an integer overflow in SMF_ParseMetaEvent within eas_smf.c that can cause remote Denial of Service via resource exhaustion. Exploitation requires user interaction, and the public details emphasize DoS impact with no explicit remote code execution. ...
CVE-2018-9399
CVE-2018-9399 affects the /proc/driver/wmt_dbg driver. The issue is multiple possible out-of-bounds writes in this driver, enabling local escalation of privilege with SYSTEM privileges and no user interaction required. Reported impact is local (attack vector: LOCAL) with the potential for total c...
CVE-2018-9420
CVE-2018-9420 affects Android’s BnCameraService::onTransact in CameraService.cpp, enabling information disclosure via uninitialized data with local access and no user interaction. The issue is categorized as an Information Disclosure (ID) in the Android 2018-07-01/2018-07-05 patch-level bulletin,...
CVE-2018-9433
CVE-2018-9433 affects Android’s Framework via the ArrayConcatVisitor in builtins-array.cc, where improper input validation can cause a type confusion vulnerability. The issue could allow remote code execution without extra privileges, with exploitation requiring user interaction per the primary d...
CVE-2018-9509
CVE-2018-9509 affects Android devices with Bluetooth stack exposure. The issue is an out-of-bounds read in smp_proc_master_id of smp_act.cc due to a missing bounds check, which could allow remote information disclosure without extra privileges and without user interaction. Affected products/versi...
CVE-2018-9589
CVE-2018-9589 affects the Android WiFi stack. In ieee802_11_rx_wnmsleep_req() within wnm_ap.c on Android 7.0–9 (including 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9), there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the WiFi driver with ...
CVE-2019-11516
CVE-2019-11516 affects the Bluetooth stack in Cypress/Broadcom Wireless IoT. The issue arises from improper handling of Extended Inquiry Responses (EIRs): RFU bits are not discarded in eir_handleRx(), causing EIR length overflow beyond 240 bytes and a heap-based overflow in eir_getReceivedEIR() i...
CVE-2019-20580
This CVE concerns Samsung mobile devices running P(9.0). The Motion photo player is able to bypass the Secure Folder feature to view images, constituting an information disclosure vulnerability. Affected software/hardware: Samsung mobile devices with P(9.0). Vulnerable component: Motion photo pla...
CVE-2019-2136
CVE-2019-2136 affects Android: the issue is in Status::readFromParcel of Status.cpp where an out-of-bounds read due to inadequate input validation can lead to local information disclosure without requires user interaction. Impact is confined to Android versions 7.0 through 9 as listed in the desc...
CVE-2019-9321
CVE-2019-9321 affects the Android 10 stack via the libavc library, where a missing variable initialization in libavc could allow information disclosure. The vulnerability reportedly requires user interaction to be exploited and would impact confidentiality (partial). The connected Red Hat entry a...
CVE-2019-9383
CVE-2019-9383 affects Android 10: NFC server component suffers an out-of-bounds read due to a missing bounds check, enabling local information disclosure. The issue requires user interaction to exploit. Documented impact is information disclosure with no additional privileges granted; no explicit...
CVE-2019-9417
CVE-2019-9417 is a Bluetooth vulnerability in Android 10 where an out-of-bounds read can disclose information locally without user interaction due to a missing bounds check. Exploitation requires local access; impact is information disclosure with no execution privileges gained. Public references...
CVE-2020-0102
In CVE-2020-0102, the issue is an out-of-bounds write in GattServer::SendResponse due to an incorrect bounds check. Affects Android 8.0–10; exploitation could enable local elevation of privilege with user execution privileges required and no user interaction needed. The risk is described as a loc...
CVE-2020-0313
In CVE-2020-0313, the issue is in Android’s NotificationManagerService where an unsafe PendingIntent can bypass permissions, enabling local information disclosure with low requirements (local access, no user interaction). The vulnerability affects Android 11 and is characterized by a LOCAL attack...
CVE-2020-13837
CVE-2020-13837 concerns Samsung mobile devices running Q(10.0). The issue is that the Lockscreen does not block access to Music Share via the Quick Panel, allowing potential exposure of Music Share controls or data when the device is locked. The Samsung Internal ID is SVE-2020-17145 (June 2020). ...
CVE-2021-0526
CVE-2021-0526 concerns the Android memory management driver (MediaTek) with an out-of-bounds write caused by uninitialized data. The issue enables local escalation of privilege without extra execution privileges, and does not require user interaction. Multiple sources (NVD, Red Hat, CVE records, ...
CVE-2021-25357
CVE-2021-25357 describes a pendingIntent hijacking vulnerability in Samsung’s Create Movie component, allowing unprivileged apps to access contact information. Affected releases cover Android 8.x (O) and 9.0 (P) with SMR APR-2021 Release 1, Android 10 (Q) version 3.4.81.1, and Android 11 (R) vers...
CVE-2022-20260
CVE-2022-20260 affects the Android Phone app on Android 13. The issue is a resource-exhaustion induced crash loop that can cause local persistent DoS with user privileges and no user interaction needed. The vulnerability is tied to the Phone app’s handling leading to a crash under resource pressu...
CVE-2022-20283
CVE-2022-20283 is a Bluetooth vulnerability in Android 13 where an integer overflow can cause an out-of-bounds write in the Bluetooth stack, enabling remote code execution with no privileges and no user interaction. The issue is evidenced by Android security notes and multiple CVE aggregations, w...
CVE-2022-20287
CVE-2022-20287 affects Android 13, specifically the AppSearchManagerService. The issue lets a local attacker determine whether an app is installed without query permissions via a side-channel information disclosure, causing local information disclosure with no extra execution privileges needed. E...
CVE-2022-20299
CVE-2022-20299 affects the Android 13 ContentService. The vulnerability stems from a missing permission check that allows checking if a given account exists on the device, leading to local information disclosure. Exploitation would require local access with user privileges but does not require us...
CVE-2022-21778
The CVE-2022-21778 issue affects MediaTek’s vpu, where an incorrect bounds check can trigger information disclosure and potentially local privilege escalation. The vulnerability requires local access (attack vector: LOCAL), with no user interaction, and a high privileges requirement for exploitat...
CVE-2022-26448
CVE-2022-26448 affects the apusys component and is caused by a missing bounds check resulting in an out-of-bounds write. The vulnerability can lead to local privilege escalation with System privileges, and does not require user interaction to exploit. Patch ALPS07063849 (Issue ALPS07063849) is id...
CVE-2022-26456
The vulnerability CVE-2022-26456 affects the vow component (MediaTek vow module) where symbolic link following can lead to local information disclosure with System execution privileges required. Exploitation does not require user interaction. The public entries consistently cite the Patch ID ALPS...
CVE-2022-30751
CVE-2022-30751 affects SemWifiApClient before the Samsung SMR Jul-2022 Release 1. The issue is an improper access control in the sendDHCPACKBroadcast function that can let an attacker access the Wi-Fi AP client MAC address of devices connected via the WIFI_AP_STA_DHCPACK_EVENT action. Public sour...
CVE-2022-30754
Summary: CVE-2022-30754 describes an implicit intent hijacking vulnerability in Samsung AppLinker. The issue allows an attacker to launch certain activities with the privileges of AppLinker due to insufficient restrictions on implicit intents. Affected component: Samsung AppLinker (on Samsung mob...
CVE-2022-32622
CVE-2022-32622 involves a memory corruption in gz caused by a missing bounds check, leading to local escalation of privilege with System execution privileges required and no user interaction. The vulnerability is associated with gz and is supported by multiple connected records, which also refere...
CVE-2022-32651
In mtk-aie, there is a use-after-free caused by a logic error that can lead to local escalation of privilege with System execution privileges required. Exploitation does not require user interaction. Patch ID ALPS07225857 (Issue ID ALPS07225857) is noted as the fix in the CVE record. Multiple con...
CVE-2022-33693
The vulnerability CVE-2022-33693 affects Samsung Mobile CID Manager prior to the SMR July 2022 release, allowing a local attacker to access ICCID information via logs. The issue is described as an information disclosure originating from CID Manager logging behavior, with the impact limited to con...
CVE-2022-33704
CVE-2022-33704 concerns an improper validation in KnoxSDK’s ucmRetParcelable prior to Samsung’s SMR Jul-2022 Release 1. The root cause is input validation failure in that function, which could allow an attacker to launch certain activities. Documents indicate remediation via Samsung’s Security Ma...
CVE-2022-36860
The CVE-2022-36860 entry concerns a heap-based overflow in the LoadEnvironment function of the libSDKRecognitionText.spensdk.samsung.so library. Affected component: libSDKRecognitionText.spensdk.samsung.so; vulnerability type: heap-based overflow in LoadEnvironment; root cause: memory access faul...
CVE-2022-39099
CVE-2022-39099: A missing permission check in the power management service enables setup of the service with no additional execution privileges required. CVSSv3.1 base metrics (LOCAL access, LOW privileges) indicate high impact on confidentiality, integrity, and availability. Connected sources co...
CVE-2022-39107
CVE-2022-39107 affects the Soundrecorder service (UNISOC-based devices per CNNVD/Red Hat lists) and is caused by a missing permission check, enabling local privilege escalation with low privileges and no user interaction. The NVD/PRION/CNNVD entries describe elevation of privilege without requiri...
CVE-2022-39117
CVE-2022-39117 involves a missing permission check in the messaging service, enabling local information disclosure without additional execution privileges. Multiple connected sources (NVD/NVD-derived records, Red Hat, PRION, CNNVD, and others) describe the issue as a local confidentiality exposur...
CVE-2022-39899
CVE-2022-39899 is an improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1. The issue can allow a local attacker to send input events via S Pen gestures due to insufficient authentication around the WindowManagerService. Affected software is Samsung...
CVE-2022-42536
Chromecast security bulletin (ANDROID CHROMECAST-2023-07-01) documents CVE-2022-42536 as a remote code execution affecting Chromecast devices. The issue is categorized under AMLogic Secure Monitor with high severity (CVSSv3.1: 9.8, network vector, no user interaction). The bulletin confirms a fun...