Lucene search

K
GoogleAndroid

38 matches found

CVE
CVE
added 2019/09/06 10:15 p.m.419 views

CVE-2019-9455

In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

2.3CVSS4.4AI score0.00023EPSS
CVE
CVE
added 2022/12/13 4:15 p.m.94 views

CVE-2022-20240

In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVer...

2.3CVSS3.8AI score0.00003EPSS
CVE
CVE
added 2024/04/01 3:15 a.m.70 views

CVE-2024-20045

In audio, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08024748; Issue ID: ALPS08029526.

2.3CVSS6.1AI score0.0001EPSS
CVE
CVE
added 2020/09/17 4:15 p.m.69 views

CVE-2020-0382

In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 And...

2.3CVSS3.4AI score0.00014EPSS
CVE
CVE
added 2024/04/01 3:15 a.m.62 views

CVE-2024-20051

In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541758.

2.3CVSS6.5AI score0.00013EPSS
CVE
CVE
added 2022/07/12 2:15 p.m.59 views

CVE-2022-33699

Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.

2.3CVSS3.7AI score0.00017EPSS
CVE
CVE
added 2022/08/05 4:15 p.m.53 views

CVE-2022-33720

Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut.

2.4CVSS3.9AI score0.00059EPSS
CVE
CVE
added 2021/03/04 9:15 p.m.52 views

CVE-2021-25335

Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition.

2.5CVSS4.1AI score0.00046EPSS
CVE
CVE
added 2022/08/12 3:15 p.m.51 views

CVE-2022-20261

In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-21983...

2.3CVSS4.2AI score0.00013EPSS
CVE
CVE
added 2022/08/12 3:15 p.m.50 views

CVE-2022-20327

In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ...

2.8CVSS3.7AI score0.00014EPSS
CVE
CVE
added 2022/12/16 4:15 p.m.50 views

CVE-2022-20529

In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product...

2.4CVSS4.2AI score0.0001EPSS
CVE
CVE
added 2022/08/11 3:15 p.m.49 views

CVE-2022-20245

In WindowManager, there is a possible method to create a recording of the lock screen due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13And...

2.4CVSS4.3AI score0.00032EPSS
CVE
CVE
added 2020/02/12 8:15 p.m.48 views

CVE-2011-2343

The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.

2.4CVSS3.7AI score0.00019EPSS
CVE
CVE
added 2022/12/16 4:15 p.m.48 views

CVE-2022-20543

In multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238178261

2.3CVSS4AI score0.00017EPSS
CVE
CVE
added 2022/07/12 2:15 p.m.48 views

CVE-2022-33693

Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.

2.3CVSS3.7AI score0.00017EPSS
CVE
CVE
added 2022/07/12 2:15 p.m.47 views

CVE-2022-33686

Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.

2.3CVSS3.7AI score0.00017EPSS
CVE
CVE
added 2020/03/24 6:15 p.m.46 views

CVE-2019-20534

An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can view home-screen wallpaper by adjusting the brightness of a locked screen. The Samsung ID is SVE-2019-15540 (December 2019).

2.4CVSS4.2AI score0.00018EPSS
CVE
CVE
added 2011/10/03 3:55 p.m.45 views

CVE-2011-3975

A certain HTC update for Android 2.3.4 build GRJ22, when the Sense interface is used on the HTC EVO 3D, EVO 4G, ThunderBolt, and unspecified other devices, provides the HtcLoggers.apk application, which allows user-assisted remote attackers to obtain a list of telephone numbers from a log, and othe...

2.6CVSS6.8AI score0.00357EPSS
CVE
CVE
added 2022/09/09 3:15 p.m.44 views

CVE-2022-36857

Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.

2.4CVSS3.7AI score0.00093EPSS
CVE
CVE
added 2020/04/07 2:15 p.m.38 views

CVE-2016-11027

An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The Samsung ID is SVE-2016-7132 (December 2016).

2.4CVSS4.1AI score0.00018EPSS
CVE
CVE
added 2015/12/08 11:59 p.m.37 views

CVE-2015-6627

The Audio component in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information via a crafted audio file, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24211743.

2.6CVSS6.2AI score0.00163EPSS
CVE
CVE
added 2020/04/07 4:15 p.m.37 views

CVE-2017-18673

An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can disable the Location service on a locked device, making it impossible for the rightful owner to find a stolen device. The Samsung ID is SVE-2017-8524 (May 2017).

2.4CVSS4.1AI score0.00019EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.37 views

CVE-2018-21077

An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is a Clipboard content disclosure in the locked state because the keyboard may be used during an emergency call. The Samsung ID is SVE-2017-11107 (April 2018).

2.4CVSS4.1AI score0.00018EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.35 views

CVE-2018-21073

An issue was discovered on Samsung mobile devices with N(7.x) and O(8.0) (Galaxy S9+, Galaxy S9, Galaxy S8+, Galaxy S8, Note 8). There is access to Clipboard content in the locked state via the Edge panel. The Samsung ID is SVE-2017-10748 (May 2018).

2.4CVSS4.2AI score0.00018EPSS
CVE
CVE
added 2020/03/24 8:15 p.m.34 views

CVE-2019-20595

An issue was discovered on Samsung mobile devices with P(9.0) software. Quick Panel allows enabling or disabling the Bluetooth stack without authentication. The Samsung ID is SVE-2019-14545 (July 2019).

2.4CVSS4.3AI score0.0002EPSS
CVE
CVE
added 2020/04/08 6:15 p.m.33 views

CVE-2018-21046

An issue was discovered on Samsung mobile devices with O(8.x) software. There is clipboard Data Exposure via the Emergency Dialer upon connecting a USB device. The Samsung ID is SVE-2018-12911 (November 2018).

2.4CVSS4.2AI score0.00019EPSS
CVE
CVE
added 2020/03/24 7:15 p.m.33 views

CVE-2019-20559

An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery allows viewing of photos on the lock screen. The Samsung ID is SVE-2019-15055 (October 2019).

2.4CVSS4.3AI score0.00019EPSS
CVE
CVE
added 2020/04/08 4:15 p.m.33 views

CVE-2020-11606

An issue was discovered on Samsung mobile devices with Q(10.0) software. Information about application preview (in the Secure Folder) leaks on a locked device. The Samsung ID is SVE-2019-16463 (April 2020).

2.4CVSS4.2AI score0.00007EPSS
CVE
CVE
added 2021/06/11 3:15 p.m.33 views

CVE-2021-25409

Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.

2.4CVSS4.2AI score0.00018EPSS
CVE
CVE
added 2021/12/08 3:15 p.m.33 views

CVE-2021-25513

An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.

2.4CVSS4AI score0.00019EPSS
CVE
CVE
added 2020/03/10 8:15 p.m.31 views

CVE-2020-0029

In the WifiConfigManager, there is a possible storage of location history which can only be deleted by triggering a factory reset. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andro...

2.3CVSS3.5AI score0.0003EPSS
CVE
CVE
added 2020/03/24 6:15 p.m.31 views

CVE-2020-10830

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can view notifications by entering many PINs in Lockdown mode. The Samsung ID is SVE-2019-16590 (March 2020).

2.4CVSS4.2AI score0.00018EPSS
CVE
CVE
added 2020/04/08 4:15 p.m.31 views

CVE-2020-11602

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Google Assistant leaks clipboard contents on a locked device. The Samsung ID is SVE-2019-16558 (April 2020).

2.4CVSS4.2AI score0.00018EPSS
CVE
CVE
added 2016/09/11 9:59 p.m.30 views

CVE-2016-3888

internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism, and send premium SMS messages during the Set...

2.1CVSS4.5AI score0.00022EPSS
CVE
CVE
added 2020/03/24 8:15 p.m.30 views

CVE-2019-20598

An issue was discovered on Samsung mobile devices with O(8.x) software. Bixby leaks the keyboard's learned words, and the clipboard contents, via the lock screen. The Samsung IDs are SVE-2018-12896, SVE-2018-12897 (May 2019).

2.4CVSS4.3AI score0.00019EPSS
CVE
CVE
added 2020/03/24 7:15 p.m.29 views

CVE-2019-20579

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Gallery allows attackers to enable Location information sharing from the lock screen. The Samsung ID is SVE-2019-14462 (August 2019).

2.4CVSS4AI score0.00019EPSS
CVE
CVE
added 2021/12/15 7:15 p.m.29 views

CVE-2021-0991

In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitat...

2.7CVSS3.2AI score0.00021EPSS
CVE
CVE
added 2022/07/12 2:15 p.m.29 views

CVE-2022-33700

Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.

2.3CVSS3.7AI score0.00017EPSS