2082 matches found
CVE-2023-32866
In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342152; Issue ID: ALPS07342152.
CVE-2023-33913
In DRM/oemcrypto, there is a possible out of bounds write due to an incorrect calculation of buffer size.This could lead to remote escalation of privilege with System execution privileges needed
CVE-2023-38444
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
CVE-2023-38449
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
CVE-2023-38464
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
CVE-2023-38465
In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
CVE-2023-40651
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2023-42638
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42716
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
CVE-2023-48354
In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-48355
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2023-48357
In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2023-48358
In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2020-0282
In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction are needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144506224
CVE-2020-0316
In Telephony, there is a missing permission check. This could lead to local information disclosure of radio data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934919
CVE-2020-0329
In the OMX encoder, there is a possible out of bounds read due to invalid input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-63522940
CVE-2020-0370
In libAACdec, there is a possible out of bounds read due to missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-112051700
CVE-2020-0406
In libmpeg2dec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if another exploit allowed this to be triggered with different parameters, with no additional execution privileges needed. User interaction is needed for exploitat...
CVE-2020-0488
In ihevc_inter_pred_chroma_copy_ssse3 of ihevc_inter_pred_filters_ssse3_intr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2020-27029
In TextView of TextView.java, there is a possible app hang due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-140218875
CVE-2020-27035
In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...
CVE-2020-27039
In postNotification of ServiceRecord.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1...
CVE-2020-27047
In ce_t4t_update_binary of ce_t4t.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1...
CVE-2020-27053
In broadcastWifiCredentialChanged of ClientModeImpl.java, there is a possible location permission bypass due to a missing permission check. This could lead to local information disclosure of the WiFi network name with System execution privileges needed. User interaction is not needed for exploitati...
CVE-2021-0371
In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android I...
CVE-2021-0407
In clk driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05479659; Issue ID: ALPS05479659.
CVE-2021-0425
In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05400059.
CVE-2021-0612
In m4u, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05425834.
CVE-2021-0629
In mdlactl driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05776625; Issue ID: ALPS05776625.
CVE-2021-0660
In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827145; Issue ID: ALPS05827145.
CVE-2021-25383
An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
CVE-2021-25391
Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action.
CVE-2021-25407
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write.
CVE-2021-25484
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.
CVE-2022-39113
In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.
CVE-2022-47494
In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2023-20700
In widevine, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07643304; Issue ID: ALPS07643304.
CVE-2023-20784
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989.
CVE-2023-30919
In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVE-2023-30923
In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVE-2023-33897
In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2023-33908
In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
CVE-2023-38462
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges
CVE-2023-40650
In Telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42684
In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2023-42709
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42710
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42741
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-48345
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
CVE-2020-0314
In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920