Lucene search
+L
GoogleAndroid

40 matches found

CVE
CVE
added 2019/09/06 9:51 p.m.466 views

CVE-2019-9455

CVE-2019-9455: In the Android kernel video driver, there is a kernel pointer leak caused by a WARN_ON statement, leading to local information disclosure with System execution privileges needed. Local exploitation is possible without user interaction. The connected Nessus advisories corroborate th...

2.3CVSS4.4AI score0.00179EPSS
CVE
CVE
added 2022/12/13 12:0 a.m.143 views

CVE-2022-20240

CVE-2022-20240 affects Android 12 and Android 12L via the function in AppOpsManager.java, specifically sOpAllowSystemRestrictionBypass. The issue is a leakage of location information caused by a missing permission check, enabling local elevation of privilege with System execution privileges requi...

2.3CVSS3.8AI score0.0011EPSS
CVE
CVE
added 2020/09/17 3:40 p.m.127 views

CVE-2020-0382

CVE-2020-0382 affects Android 10/11. In RunInternal of dumpstate.cpp, an uncaught exception enables a possible user-consent bypass, allowing local disclosure of bug report data with System privileges. No user interaction is required for exploitation, and the impact is limited to information discl...

2.3CVSS3.4AI score0.00152EPSS
CVE
CVE
added 2022/12/16 12:0 a.m.94 views

CVE-2022-20543

CVE-2022-20543 affects Android-13 on Google Pixel devices. The issue is a display crash loop caused by improper input validation in multiple locations, enabling local denial of service with system execution privileges required. Exploitation is local with no user interaction. The Pixel bulletin in...

2.3CVSS4AI score0.00164EPSS
CVE
CVE
added 2022/12/16 12:0 a.m.91 views

CVE-2022-20529

CVE-2022-20529 affects Android 13, specifically the WifiDialogActivity.java code, where a logic error can cause a limited lockscreen bypass and local escalation of privilege in wifi settings without user interaction. The CVE severity per the initial data is Low (CVSS v3.1: 2.4). No exploitation d...

2.4CVSS4.2AI score0.00165EPSS
CVE
CVE
added 2024/04/01 2:35 a.m.85 views

CVE-2024-20045

CVE-2024-20045 concerns MediaTek devices where an incorrect calculation of audio buffer size enables an out-of-bounds read. This vulnerability could lead to local information disclosure with system privileges required; exploitation does not require user interaction. The patch referenced is ALPS08...

2.3CVSS6.1AI score0.00087EPSS
CVE
CVE
added 2024/04/01 2:35 a.m.81 views

CVE-2024-20051

In flashc, an uncaught exception can cause a system crash, enabling local denial of service with system execution privileges required. No user interaction is needed. A patch is referenced (ALPS08541757; ALPS08541758).

2.3CVSS6.5AI score0.00082EPSS
CVE
CVE
added 2022/08/11 3:12 p.m.74 views

CVE-2022-20261

The CVE-2022-20261 entry concerns the Android LocationManager component. A missing permission check could allow an attacker to obtain location information, causing local information disclosure. Exploitation requires System privileges but not user interaction, with a local attack vector. Affected ...

2.3CVSS4.2AI score0.00093EPSS
CVE
CVE
added 2022/08/11 3:7 p.m.73 views

CVE-2022-20245

CVE-2022-20245 affects Android 13 and involves the WindowManager component. An insecure default value in WindowManager may allow a recorded lock-screen capture, leading to local information disclosure. Exploitation requires user interaction, and no additional execution privileges are needed. The ...

2.4CVSS4.3AI score0.00128EPSS
CVE
CVE
added 2022/07/11 1:35 p.m.72 views

CVE-2022-33699

CVE-2022-33699 affects Samsung TelephonyUI’s getDsaSimImsi, where IMSI can be disclosed through logs due to insufficient protection in TelephonyUI. The issue is a local disclosure vulnerability, enabling a local attacker to access IMSI data. Affected component is Samsung TelephonyUI prior to SMR ...

2.3CVSS3.7AI score0.00099EPSS
CVE
CVE
added 2022/08/05 3:21 p.m.71 views

CVE-2022-33720

CVE-2022-33720 concerns Samsung AppLock. The vulnerability is an improper authentication issue in AppLock prior to SMR Aug-2022 Release 1, which could let a physical attacker bypass the lock and access Chrome secured by AppLock via a new tap shortcut. Affected component: AppLock’s Chrome access c...

2.4CVSS3.9AI score0.00136EPSS
CVE
CVE
added 2021/12/15 6:6 p.m.70 views

CVE-2021-0991

CVE-2021-0991 affects Android 12 via the OnMetadataChangedListener in AdvancedBluetoothDetailsHeaderController.java, causing a log information disclosure that could leak Bluetooth MAC addresses. The root cause is information disclosure through verbose/loggable data, enabling local information dis...

2.7CVSS3.2AI score0.00155EPSS
CVE
CVE
added 2022/09/09 2:40 p.m.68 views

CVE-2022-36857

CVE-2022-36857 affects Samsung Photo Editor prior to SMR Sep-2022 Release 1. The root cause is improper authorization that allows physical attackers to read internal application data. Affected component is the Photo Editor within Samsung mobile devices running the referenced Software Maintenance ...

2.4CVSS3.7AI score0.00134EPSS
CVE
CVE
added 2022/07/11 1:33 p.m.67 views

CVE-2022-33686

CVE-2022-33686 affects Samsung GsmAlarmManager where sensitive information (ICCID) can be disclosed via logs due to insufficient protection. The issue is local in scope and is tied to GsmAlarmManager behavior prior to the SMR July 2022 Release 1. Public descriptions in NVD/Red Hat/CNVD and relate...

2.3CVSS3.7AI score0.00101EPSS
CVE
CVE
added 2021/03/04 8:58 p.m.66 views

CVE-2021-25335

Technical details about CVE-2021-25335 are not publicly available in the provided connected documents. No affected product/version specifics or exploitation details are given here. Monitor for updates from Samsung security advisories and NVD entries.

2.5CVSS4.1AI score0.00111EPSS
CVE
CVE
added 2022/08/11 3:27 p.m.63 views

CVE-2022-20327

The CVE-2022-20327 entry concerns Android 13 where there is a vulnerability allowing retrieval of the WiFi SSID without location permissions due to a missing permission check. This enables local information disclosure with user execution privileges, and exploitation requires user interaction. The...

2.8CVSS3.7AI score0.00097EPSS
CVE
CVE
added 2015/12/08 11:0 p.m.61 views

CVE-2015-6627

CVE-2015-6627 affects the Android Audio component prior to 5.1.1 LMY48Z and 6.0 before 2015-12-01. A crafted audio file could disclose sensitive information, demonstrated by gaining Signature or SignatureOrSystem access via the mediaserver/media framework path. The issue is categorized as an info...

2.6CVSS6.2AI score0.00523EPSS
CVE
CVE
added 2020/02/12 7:1 p.m.60 views

CVE-2011-2343

Technical details about CVE-2011-2343 are not publicly provided in the connected documents. Monitor for updates.

2.4CVSS3.7AI score0.00157EPSS
CVE
CVE
added 2022/07/11 1:34 p.m.60 views

CVE-2022-33693

The vulnerability CVE-2022-33693 affects Samsung Mobile CID Manager prior to the SMR July 2022 release, allowing a local attacker to access ICCID information via logs. The issue is described as an information disclosure originating from CID Manager logging behavior, with the impact limited to con...

2.3CVSS3.7AI score0.00099EPSS
CVE
CVE
added 2011/10/03 3:0 p.m.58 views

CVE-2011-3975

CVE-2011-3975 involves an HTC update for Android 2.3.4 (build GRJ22) used with Sense on HTC EVO 3D, EVO 4G, ThunderBolt, and other devices. The HtcLoggers.apk component is exposed via android.permission.INTERNET and can be leveraged by user-assisted remote attackers to extract sensitive data, inc...

2.6CVSS6.8AI score0.01034EPSS
CVE
CVE
added 2020/03/24 5:43 p.m.58 views

CVE-2019-20534

CVE-2019-20534 affects Samsung mobile devices running Android P (9.0). The issue allows an attacker to view the home-screen wallpaper by adjusting the brightness on a locked screen. The description repeatedly mirrors Samsung’s SVE-2019-15540 identifier; Red Hat and CNVD/EUVD/CVE records corrobora...

2.4CVSS4.2AI score0.00139EPSS
CVE
CVE
added 2020/04/08 5:11 p.m.54 views

CVE-2018-21077

CVE-2018-21077 affects Samsung mobile devices running Android M(6.0), N(7.x), and O(8.x). The issue is a clipboard content disclosure in the locked state when the keyboard may be used during an emergency call. Samsung internal ID: SVE-2017-11107 (April 2018). Public details: CVSSv3.1 base score 2...

2.4CVSS4.1AI score0.00139EPSS
CVE
CVE
added 2020/04/08 5:17 p.m.51 views

CVE-2018-21073

The CVE-2018-21073 entry affects Samsung mobile devices running N(7.x) and O(8.0) on Galaxy S9+/S9/S8+/S8/Note 8. The root issue is access to clipboard content in the locked state via the Edge panel, enabling potential information disclosure without unlocking the device. If present in connected d...

2.4CVSS4.2AI score0.00139EPSS
CVE
CVE
added 2020/04/07 1:48 p.m.50 views

CVE-2016-11027

CVE-2016-11027 affects Samsung mobile devices running M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The entry provides the Samsung ID SVE-2016-7132 but does not specify exploit details, affected models, versions beyond Andro...

2.4CVSS4.1AI score0.00139EPSS
CVE
CVE
added 2020/04/07 2:39 p.m.50 views

CVE-2017-18673

CVE-2017-18673 affects Samsung mobile devices running N(7.x) software. The issue allows an attacker to disable the Location service on a locked device, preventing the rightful owner from locating a stolen device. The Samsung ID is SVE-2017-8524 (May 2017). Public documents do not provide details ...

2.4CVSS4.1AI score0.00133EPSS
CVE
CVE
added 2021/12/08 2:19 p.m.50 views

CVE-2021-25513

CVE-2021-25513 affects the Apps Edge application prior to Samsung SMR Dec-2021 Release 1. The root cause is improper privilege management, enabling unauthorized access to certain lockscreen data. Impact is limited to exposure of device data on the lockscreen; CVSS scores (NVD 2.4/3.1, Low) reflec...

2.4CVSS4AI score0.00105EPSS
CVE
CVE
added 2021/06/11 2:33 p.m.49 views

CVE-2021-25409

CVE-2021-25409 describes an improper access in the Notification setting prior to Samsung SMR June‑2021 Release 1, allowing physically proximate attackers to set arbitrary notifications by physically configuring the device. The NVD entry indicates a low overall impact (CVSS v2: AV:L/AC:L/Au:N/I:P/...

2.4CVSS4.2AI score0.00104EPSS
CVE
CVE
added 2020/04/08 3:34 p.m.48 views

CVE-2020-11606

The CVE-2020-11606 entry concerns Samsung mobile devices running Q (10.0). Affected component is information exposure within the Secure Folder’s application preview on a locked device, leading to partial confidentiality impact. The root cause and exact vulnerable code path are not detailed in the...

2.4CVSS4.2AI score0.00161EPSS
CVE
CVE
added 2020/04/08 5:11 p.m.47 views

CVE-2018-21046

CVE-2018-21046 affects Samsung mobile devices running O(8.x) software. The issue is a clipboard data exposure via the Emergency Dialer when a USB device is connected. The connected documents do not provide a concrete root cause, exploit details, or remediation steps. No public mitigation details ...

2.4CVSS4.2AI score0.00134EPSS
CVE
CVE
added 2020/03/10 7:55 p.m.47 views

CVE-2020-0029

CVE-2020-0029 affects Android 10 WifiConfigManager by allowing storage of location history that can only be erased via a factory reset. The issue enables local information disclosure with System-level privileges and requires no user interaction. The vulnerability is tied to the WifiConfigManager c...

2.3CVSS3.5AI score0.00147EPSS
CVE
CVE
added 2020/03/24 7:5 p.m.46 views

CVE-2019-20595

CVE-2019-20595 concerns Samsung mobile devices running P(9.0) where the Quick Panel can enable or disable the Bluetooth stack without authentication. Affected: Samsung mobile devices with P(9.0) software (as cited in the CVE records). Root cause: an insecure Quick Panel action allows state change...

2.4CVSS4.3AI score0.00136EPSS
CVE
CVE
added 2016/09/11 9:0 p.m.45 views

CVE-2016-3888

CVE-2016-3888 affects Android 4.x (4.4.4+), 5.0.x (5.0.2+), 5.1.x (5.1.1+), 6.x (before 2016-09-01) and 7.0 (before 2016-09-01). The issue, in internal/telephony/SMSDispatcher.java, lets physically proximate attackers bypass Factory Reset Protection and trigger premium SMS sending during Setup Wi...

2.1CVSS4.5AI score0.00175EPSS
CVE
CVE
added 2020/03/24 6:26 p.m.45 views

CVE-2019-20559

CVE-2019-20559 affects Samsung mobile devices running Android P (9.0). The vulnerability is in the Gallery application, permitting viewing of photos on the lock screen. The Samsung ID is SVE-2019-15055 (October 2019). The connected documents do not specify the exact root cause, vulnerable compone...

2.4CVSS4.3AI score0.00134EPSS
CVE
CVE
added 2020/04/08 3:19 p.m.44 views

CVE-2020-11602

Technical details about CVE-2020-11602 are not publicly available in the provided documents. Monitor for updates from NVD/Red Hat/CVE sources as more information may be released.

2.4CVSS4.2AI score0.00155EPSS
CVE
CVE
added 2020/03/24 7:9 p.m.43 views

CVE-2019-20598

The CVE-2019-20598 entry concerns Samsung mobile devices running O(8.x) software where Bixby can leak the keyboard’s learned words and clipboard contents through the lock screen. The vulnerability is documented with Samsung IDs SVE-2018-12896 and SVE-2018-12897. Connected records (e.g., Red Hat C...

2.4CVSS4.3AI score0.00134EPSS
CVE
CVE
added 2020/03/24 6:50 p.m.42 views

CVE-2019-20579

Samsung reports a vulnerability in the Gallery app on Galaxy devices running N(7.x), O(8.x), and P(9.0) that allows attackers to enable location information sharing from the lock screen. The entry references Samsung ID SVE-2019-14462 (August 2019). No concrete exploit details, affected specific m...

2.4CVSS4AI score0.00136EPSS
CVE
CVE
added 2020/03/24 5:3 p.m.42 views

CVE-2020-10830

The CVE-2020-10830 entry concerns Samsung mobile devices running P(9.0) and Q(10.0) software. In Lockdown mode, an attacker can view notifications by entering multiple PINs, impacting user privacy. The issue is documented with Samsung ID SVE-2019-16590 (March 2020). The provided metrics show a lo...

2.4CVSS4.2AI score0.00139EPSS
CVE
CVE
added 2022/07/11 1:36 p.m.42 views

CVE-2022-33700

CVE-2022-33700 affects Samsung TelephonyUI, specifically the putDsaSimImsi path. The vulnerability arises from inadequate protection of sensitive information in TelephonyUI, enabling a local attacker to read IMSI values via logs. The issue is rooted in information disclosure within the putDsaSimI...

2.3CVSS3.7AI score0.00099EPSS
CVE
CVE
added 2026/03/10 8:46 p.m.18 views

CVE-2026-0121

In VPU, a race condition enables a use-after-free read, causing local information disclosure without requiring privileges or user interaction. The issue is documented across multiple sources (NVD/Red Hat/OSV/ENISA/Android Pixel bulletin), with no publicly provided technical details on affected ve...

2.9CVSS5.9AI score0.00056EPSS
CVE
CVE
added 2026/03/10 8:46 p.m.14 views

CVE-2026-0115

Technical details for CVE-2026-0115 are not publicly available in the provided documents. Monitor for updates.

2.1CVSS5.9AI score0.0009EPSS