Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleAndroid10.0

1834 matches found

CVE
CVEadded 2019/09/27 7:15 p.m.39 views

CVE-2019-9360

In the TEE, there's a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120610663

4.9CVSS4.8AI score0.00016EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.39 views

CVE-2019-9428

In the Framework, it is possible to set up BROWSEABLE intents to take over certain URLs. This could lead to remote information disclosure of sensitive URLs with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-...

6.5CVSS6.4AI score0.00244EPSS
CVE
CVEadded 2020/03/10 8:15 p.m.39 views

CVE-2020-0031

In triggerAugmentedAutofillLocked and related functions of Session.java, it is possible for Augmented Autofill to display sensitive information to the user inappropriately. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for...

5CVSS4.8AI score0.00034EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.39 views

CVE-2020-0126

In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137878930

6.9CVSS7.1AI score0.00013EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.39 views

CVE-2020-0131

In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-1...

8.8CVSS9.1AI score0.00481EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.39 views

CVE-2020-0147

In btu_hcif_esco_connection_chg_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product:...

4.4CVSS4.9AI score0.00016EPSS
CVE
CVEadded 2020/06/11 3:15 p.m.39 views

CVE-2020-0175

In XMF_ReadNode of eas_xmf.c, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-126380818

6.5CVSS6.9AI score0.00313EPSS
CVE
CVEadded 2020/03/24 6:15 p.m.39 views

CVE-2020-10843

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (S.LSI chipsets) software. There are race conditions in the hdcp2 driver. The Samsung ID is SVE-2019-16296 (February 2020).

7CVSS6.9AI score0.00013EPSS
CVE
CVEadded 2020/05/11 4:15 p.m.39 views

CVE-2020-12751

An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 (May 2020).

7.8CVSS7.9AI score0.00087EPSS
CVE
CVEadded 2020/08/31 9:15 p.m.39 views

CVE-2020-25055

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 (August 2020).

9.8CVSS9.3AI score0.00129EPSS
CVE
CVEadded 2021/02/04 7:15 p.m.39 views

CVE-2021-0346

In vpu, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05371580.

7.2CVSS6.7AI score0.00014EPSS
CVE
CVEadded 2021/12/17 5:15 p.m.39 views

CVE-2021-0893

In apusys, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687474.

6.7CVSS6.8AI score0.00018EPSS
CVE
CVEadded 2022/01/14 8:15 p.m.39 views

CVE-2021-1035

In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for explo...

7.8CVSS7.7AI score0.00013EPSS
CVE
CVEadded 2021/12/15 7:15 p.m.39 views

CVE-2021-1040

In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Androi...

7.8CVSS7.6AI score0.00012EPSS
CVE
CVEadded 2021/03/02 6:15 p.m.39 views

CVE-2021-25330

Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider.

7.5CVSS7.3AI score0.00113EPSS
CVE
CVEadded 2021/06/11 3:15 p.m.39 views

CVE-2021-25417

Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage.

7.5CVSS7.4AI score0.00103EPSS
CVE
CVEadded 2021/09/09 7:15 p.m.39 views

CVE-2021-25459

An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService.

5.5CVSS5.4AI score0.00018EPSS
CVE
CVEadded 2021/10/06 6:15 p.m.39 views

CVE-2021-25476

An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE.

4.4CVSS4.5AI score0.00019EPSS
CVE
CVEadded 2022/01/04 4:15 p.m.39 views

CVE-2022-20013

In vow driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05837742.

6.4CVSS6.7AI score0.00012EPSS
CVE
CVEadded 2023/01/26 9:15 p.m.39 views

CVE-2022-20214

In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user consent.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183411210

4.7CVSS4.6AI score0.00076EPSS
CVE
CVEadded 2022/06/07 6:15 p.m.39 views

CVE-2022-30714

Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

3.3CVSS3.9AI score0.00015EPSS
CVE
CVEadded 2022/07/12 2:15 p.m.39 views

CVE-2022-33695

Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service.

7.8CVSS7.5AI score0.00016EPSS
CVE
CVEadded 2022/09/09 3:15 p.m.39 views

CVE-2022-36842

A heap-based overflow vulnerability in prepareRecogLibrary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

7.8CVSS7.5AI score0.00017EPSS
CVE
CVEadded 2022/10/14 7:15 p.m.39 views

CVE-2022-39080

In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.

7.8CVSS7.6AI score0.00131EPSS
CVE
CVEadded 2022/12/06 7:15 a.m.39 views

CVE-2022-39092

In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

7.8CVSS7.5AI score0.00042EPSS
CVE
CVEadded 2023/01/04 10:15 a.m.39 views

CVE-2022-39104

In contacts service, there is a missing permission check. This could lead to local denial of service in Contacts service with no additional execution privileges needed.

5.5CVSS5.4AI score0.00023EPSS
CVE
CVEadded 2022/10/14 7:15 p.m.39 views

CVE-2022-39111

In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.

7.8CVSS7.6AI score0.00131EPSS
CVE
CVEadded 2022/12/06 7:15 a.m.39 views

CVE-2022-42764

In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

5.5CVSS5.3AI score0.00033EPSS
CVE
CVEadded 2022/12/06 7:15 a.m.39 views

CVE-2022-42766

In wlan driver, there is a possible missing permission check, This could lead to local information disclosure.

6.6CVSS5.1AI score0.0003EPSS
CVE
CVEadded 2023/01/04 10:15 a.m.39 views

CVE-2022-44424

In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

5.5CVSS5.4AI score0.00023EPSS
CVE
CVEadded 2023/04/11 12:15 p.m.39 views

CVE-2022-47464

In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.

5.5CVSS5.3AI score0.00022EPSS
CVE
CVEadded 2023/04/11 12:15 p.m.39 views

CVE-2022-47465

In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service.

5.5CVSS5.3AI score0.00022EPSS
CVE
CVEadded 2023/05/09 2:15 a.m.39 views

CVE-2022-47485

In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

4.4CVSS4.7AI score0.0001EPSS
CVE
CVEadded 2023/05/09 2:15 a.m.39 views

CVE-2022-47493

In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

5.5CVSS5.4AI score0.00023EPSS
CVE
CVEadded 2023/05/09 2:15 a.m.39 views

CVE-2022-48240

In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

4.4CVSS4.7AI score0.0001EPSS
CVE
CVEadded 2023/05/09 2:15 a.m.39 views

CVE-2022-48375

In contacts service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.

5.5CVSS5.4AI score0.00022EPSS
CVE
CVEadded 2023/07/12 9:15 a.m.39 views

CVE-2023-33884

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

5.5CVSS5.2AI score0.00021EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.38 views

CVE-2019-2069

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117832864

8.8CVSS9AI score0.00409EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.38 views

CVE-2019-2142

In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112768568

6.5CVSS6.4AI score0.00125EPSS
CVE
CVEadded 2019/11/13 6:15 p.m.38 views

CVE-2019-2193

In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, with User execution privileges needed. User interac...

7.8CVSS7.6AI score0.0001EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.38 views

CVE-2019-9234

In wpa_supplicant_8, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122465453

7.5CVSS7.2AI score0.00312EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.38 views

CVE-2019-9244

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120865977

5CVSS5.3AI score0.00017EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.38 views

CVE-2019-9252

In libavc there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-73339042

6.5CVSS6.4AI score0.00244EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.38 views

CVE-2019-9260

In Bluetooth, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113495295

7.5CVSS7.2AI score0.00312EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.38 views

CVE-2019-9375

In hostapd, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-129344244

6.9CVSS7AI score0.0001EPSS
CVE
CVEadded 2019/09/27 7:15 p.m.38 views

CVE-2019-9382

In libeffects, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120874654

8.8CVSS9AI score0.00409EPSS
CVE
CVEadded 2020/03/15 10:15 p.m.38 views

CVE-2020-0086

In readCString of Parcel.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to arbitrary code execution if IntSan were not enabled, which it is by default. No additional execution privileges are required. User interaction is not needed for exploitation. Product...

9.8CVSS9.2AI score0.00187EPSS
CVE
CVEadded 2020/05/14 9:15 p.m.38 views

CVE-2020-0097

In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. This could lead to local escalation of privilege with User privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Andro...

7.8CVSS7.6AI score0.00021EPSS
CVE
CVEadded 2020/05/14 9:15 p.m.38 views

CVE-2020-0106

In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andro...

5.5CVSS5.1AI score0.00015EPSS
CVE
CVEadded 2020/06/10 6:15 p.m.38 views

CVE-2020-0119

In addOrUpdateNetworkInternal and related functions of WifiConfigManager.java, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploit...

5.4CVSS5.1AI score0.00144EPSS
Total number of security vulnerabilities1834