930 matches found
CVE-2017-0446
An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3....
CVE-2017-0448
An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: ...
CVE-2017-0798
A elevation of privilege vulnerability in the MediaTek kernel. Product: Android. Versions: Android kernel. Android ID: A-36100671. References: M-ALPS03365532.
CVE-2018-9374
In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
CVE-2022-39914
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information.
CVE-2023-21385
In Whitechapel, there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21393
In Settings, there is a possible way for the user to change SIM due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-46966
The Ikhgur mn.ikhgur.khotoch (aka Video Downloader Pro & Browser) application through 1.0.42 for Android allows an attacker to execute arbitrary JavaScript code via the mn.ikhgur.khotoch.MainActivity component.
CVE-2015-3839
The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash).
CVE-2015-3867
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23213430.
CVE-2015-5573
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code by leveraging an unspecified "...
CVE-2015-6575
SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer promotion, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted atoms in MP4 data, aka internal bug 20139950, a di...
CVE-2015-6604
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23129786.
CVE-2017-0440
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...
CVE-2018-9397
In WMT_unlocked_ioctl of MTK WMT device driver, there is a possible OOBwrite due to a missing bounds check. This could lead to local escalation ofprivilege with System execution privileges needed. User interaction is notneeded for exploitation.
CVE-2018-9398
In fm_set_stat of mediatek FM radio driver, there is a possible OOB writedue to improper input validation. This could lead to local escalation ofprivilege with System execution privileges needed. User interaction is notneeded for exploitation.
CVE-2023-21319
In UsageStatsService, there is a possible way to read installed 3rd party apps due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21362
In Usage, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21375
In Sysproxy, there is a possible out of bounds write due to an integer underflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2010-4804
The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/.
CVE-2015-1539
Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493.
CVE-2015-3842
Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516.
CVE-2015-6634
The display drivers in Android before 5.1.1 LMY48Z allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 24163261.
CVE-2016-2489
The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407629.
CVE-2017-0430
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0794
A elevation of privilege vulnerability in the Upstream kernel scsi driver. Product: Android. Versions: Android kernel. Android ID: A-35644812.
CVE-2017-0863
An elevation of privilege vulnerability in the Upstream kernel video driver. Product: Android. Versions: Android kernel. Android ID: A-37950620.
CVE-2017-13319
In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variables with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2017-8255
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in boot.
CVE-2021-39810
In NFC, there is a possible way to setup a default contactless payment app without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21326
In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exp...
CVE-2023-21384
In Package Manager, there is a possible possible permissions bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
CVE-2011-2343
The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.
CVE-2015-1528
Integer overflow in the native_handle_create function in libcutils/native_handle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service (Binder heap memory corruption) via a crafted application, aka internal bug 19334482.
CVE-2015-1541
The AppWidgetServiceImpl implementation in com/android/server/appwidget/AppWidgetServiceImpl.java in the Settings application in Android before 5.1.1 LMY48I allows attackers to obtain a URI permission via an application that sends an Intent with a (1) FLAG_GRANT_READ_URI_PERMISSION or (2) FLAG_GRAN...
CVE-2015-6620
libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bugs 24123723 and 24445127.
CVE-2016-6749
An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderat...
CVE-2017-0449
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platfor...
CVE-2017-0465
An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3...
CVE-2017-0509
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0749
A elevation of privilege vulnerability in the Upstream Linux linux kernel. Product: Android. Versions: Android kernel. Android ID: A-36007735.
CVE-2017-0803
A elevation of privilege vulnerability in the MediaTek accessory detector driver. Product: Android. Versions: Android kernel. Android ID: A-36136137. References: M-ALPS03361477.
CVE-2017-0804
A elevation of privilege vulnerability in the MediaTek mmc driver. Product: Android. Versions: Android kernel. Android ID: A-36274676. References: M-ALPS03361487.
CVE-2017-11001
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read.
CVE-2017-8260
In all Qualcomm products with Android releases from CAF using the Linux kernel, due to a type downcast, a value may improperly pass validation and cause an out of bounds write later.
CVE-2018-9392
In get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi...
CVE-2018-9399
In /proc/driver/wmt_dbg driver, there are several possible out of boundswrites. These could lead to local escalation of privilege with Systemexecution privileges needed. User interaction is not needed forexploitation.
CVE-2022-20264
In Usage Stats Service, there is a possible way to determine whether an app is installed, without query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploita...
CVE-2023-21364
In ContactsProvider, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21376
In Telephony, there is a possible way to retrieve the ICCID due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.