Lucene search

K

1402 matches found

CVE
CVE
added 2024/04/05 8:15 p.m.2267 views

CVE-2024-29740

In tmu_set_table of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.4CVSS7.1AI score0.0002EPSS
CVE
CVE
added 2019/10/11 7:15 p.m.1367 views

CVE-2019-2215

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network f...

7.8CVSS7.5AI score0.4903EPSS
CVE
CVE
added 2021/12/15 7:15 p.m.1325 views

CVE-2021-0920

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917R...

6.9CVSS7.1AI score0.0051EPSS
CVE
CVE
added 2022/03/16 3:15 p.m.1144 views

CVE-2021-39793

In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...

7.8CVSS7.7AI score0.00039EPSS
CVE
CVE
added 2023/03/24 8:15 p.m.1080 views

CVE-2023-21036

In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A

5.5CVSS5.3AI score0.00274EPSS
CVE
CVE
added 2020/03/10 8:15 p.m.1064 views

CVE-2020-0069

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not neede...

7.8CVSS7.8AI score0.01303EPSS
CVE
CVE
added 2021/12/15 7:15 p.m.1060 views

CVE-2021-1048

In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid I...

7.8CVSS7.6AI score0.01486EPSS
CVE
CVE
added 2020/03/10 8:15 p.m.1032 views

CVE-2020-0041

In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

7.8CVSS7.6AI score0.22373EPSS
CVE
CVE
added 2024/12/05 12:15 a.m.953 views

CVE-2018-9416

In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due toan unusual root cause. This could lead to local escalation of privilege withSystem execution privileges needed. User interaction is not needed forexploitation.

10CVSS7AI score0.00031EPSS
CVE
CVE
added 2024/05/07 9:15 p.m.825 views

CVE-2024-0042

In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto. This could lead to local bypass of DRM content protection with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS6.7AI score0.00008EPSS
CVE
CVE
added 2025/01/18 12:15 a.m.745 views

CVE-2018-9401

In many locations, there is a possible way to access kernel memory in user space due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS8.7AI score0.00019EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.563 views

CVE-2019-9456

In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS7.3AI score0.00159EPSS
CVE
CVE
added 2025/01/18 12:15 a.m.542 views

CVE-2018-9405

In BnDmAgent::onTransact of dm_agent.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS8.8AI score0.00021EPSS
CVE
CVE
added 2024/08/19 5:15 p.m.531 views

CVE-2024-32927

In sendDeviceState_1_6 of RadioExt.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS7.5AI score0.00013EPSS
CVE
CVE
added 2025/01/18 12:15 a.m.502 views

CVE-2018-9387

In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS9.1AI score0.00025EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.489 views

CVE-2019-9458

In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7CVSS7.1AI score0.00042EPSS
CVE
CVE
added 2018/12/06 2:29 p.m.452 views

CVE-2018-9568

In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509...

7.8CVSS7.9AI score0.00478EPSS
CVE
CVE
added 2019/08/14 5:15 p.m.451 views

CVE-2019-9506

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary cipher...

8.1CVSS8.4AI score0.02404EPSS
CVE
CVE
added 2020/12/14 10:15 p.m.425 views

CVE-2020-0466

In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAn...

7.8CVSS8.2AI score0.00038EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.419 views

CVE-2019-9455

In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

2.3CVSS4.4AI score0.00023EPSS
CVE
CVE
added 2020/09/17 4:15 p.m.416 views

CVE-2020-0404

In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

5.5CVSS6.4AI score0.00264EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.411 views

CVE-2019-9453

In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.

4.4CVSS4.5AI score0.00207EPSS
CVE
CVE
added 2020/09/17 7:15 p.m.396 views

CVE-2020-0427

In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-14055017...

5.5CVSS5.8AI score0.00279EPSS
CVE
CVE
added 2020/12/14 10:15 p.m.357 views

CVE-2020-0444

In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android ker...

7.8CVSS8AI score0.00016EPSS
CVE
CVE
added 2023/08/14 9:15 p.m.341 views

CVE-2023-21264

In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS6.9AI score0.00013EPSS
CVE
CVE
added 2022/06/15 2:15 p.m.330 views

CVE-2022-20141

In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: ...

7CVSS7.4AI score0.00034EPSS
CVE
CVE
added 2020/12/14 10:15 p.m.304 views

CVE-2020-0465

In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAnd...

7.2CVSS7.6AI score0.00028EPSS
CVE
CVE
added 2021/06/21 5:15 p.m.299 views

CVE-2021-0512

In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

7.8CVSS7.8AI score0.00032EPSS
CVE
CVE
added 2023/07/13 12:15 a.m.291 views

CVE-2023-21400

In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS7.1AI score0.0003EPSS
CVE
CVE
added 2024/11/19 2:16 a.m.286 views

CVE-2024-50302

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let'szero-initialize it during allocation to make sure that it can't be ever usedto leak kernel memory via specia...

7.8CVSS6.6AI score0.00247EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.284 views

CVE-2019-2182

In the Android kernel in the kernel MMU code there is a possible execution path leaving some kernel text and rodata pages writable. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8CVSS7.5AI score0.00034EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.284 views

CVE-2019-9448

In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to a missing bounds check. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS6.7AI score0.00016EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.284 views

CVE-2019-9449

In the Android kernel in FingerTipS touchscreen driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.

4.4CVSS4.3AI score0.00018EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.280 views

CVE-2019-9447

In the Android kernel in the FingerTipS touchscreen driver there is a possible use-after-free due to improper locking. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS6.7AI score0.00015EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.278 views

CVE-2019-9442

In the Android kernel in the mnh driver there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System privileges required. User interaction is not needed for exploitation.

6.7CVSS6.7AI score0.00019EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.278 views

CVE-2019-9450

In the Android kernel in the FingerTipS touchscreen driver there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.4CVSS6.7AI score0.00013EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.275 views

CVE-2019-9275

In the Android kernel in the mnh driver there is a use after free due to improper locking. This could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

7.5CVSS6.8AI score0.00086EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.272 views

CVE-2019-9426

In the Android kernel in Bluetooth there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS6.7AI score0.00016EPSS
CVE
CVE
added 2024/06/13 9:15 p.m.271 views

CVE-2024-32896

there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

8.1CVSS6.8AI score0.00124EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.261 views

CVE-2019-9445

In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.

4.4CVSS4.9AI score0.00241EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.257 views

CVE-2019-9276

In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible out of bounds write due to a use after free. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS6.7AI score0.00019EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.256 views

CVE-2019-9454

In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS6.8AI score0.00021EPSS
CVE
CVE
added 2023/01/26 9:18 p.m.250 views

CVE-2023-20928

In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-2548378...

7.8CVSS7.4AI score0.00059EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.249 views

CVE-2019-9273

In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS6.7AI score0.00015EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.248 views

CVE-2019-9274

In the Android kernel in the mnh driver there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS7.5AI score0.00016EPSS
CVE
CVE
added 2019/06/07 8:29 p.m.247 views

CVE-2019-2101

In uvc_parse_standard_control of uvc_driver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android...

5.5CVSS5.9AI score0.00111EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.247 views

CVE-2019-9245

In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

4.4CVSS4.2AI score0.00047EPSS
CVE
CVE
added 2023/02/28 5:15 p.m.244 views

CVE-2023-20938

In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android k...

8.1CVSS7.5AI score0.00148EPSS
CVE
CVE
added 2019/09/06 10:15 p.m.243 views

CVE-2019-9446

In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

6.7CVSS6.7AI score0.00016EPSS
CVE
CVE
added 2020/10/14 2:15 p.m.243 views

CVE-2020-0423

In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndr...

7.8CVSS7.4AI score0.01405EPSS
Total number of security vulnerabilities1402