Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
8184 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20081 | 5 Google, Linuxfoundation, Mediatek and 2 more | 39 Android, Yocto, Mt2735 and 36 more | 2025-02-03 | 6.7 Medium |
| In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412. | ||||
| CVE-2024-20079 | 2 Google, Mediatek | 30 Android, Mt6761, Mt6765 and 27 more | 2025-02-03 | 6.7 Medium |
| In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: MSV-1491. | ||||
| CVE-2024-20064 | 2 Google, Mediatek | 30 Android, Mt6580, Mt6761 and 27 more | 2025-02-03 | 7.8 High |
| In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08572601; Issue ID: MSV-1229. | ||||
| CVE-2024-20075 | 2 Google, Mediatek | 11 Android, Mt6833, Mt6853 and 8 more | 2025-02-03 | 6.7 Medium |
| In eemgpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08713302; Issue ID: MSV-1393. | ||||
| CVE-2024-20142 | 2 Google, Mediatek | 44 Android, Mt6739, Mt6761 and 41 more | 2025-02-03 | 6.2 Medium |
| In V5 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291406; Issue ID: MSV-2070. | ||||
| CVE-2018-9389 | 1 Google | 1 Android | 2025-02-03 | 5.1 Medium |
| In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9406 | 1 Google | 1 Android | 2025-01-31 | 5.5 Medium |
| In NlpService, there is a possible way to obtain location information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35685 | 1 Google | 1 Android | 2025-01-31 | 7.8 High |
| In DevmemIntMapPages of devicemem_server.c, there is a possible physical page uaf due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21118 | 1 Google | 1 Android | 2025-01-31 | 6.2 Medium |
| In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004 | ||||
| CVE-2023-21117 | 1 Google | 1 Android | 2025-01-31 | 8.4 High |
| In registerReceiverWithFeature of ActivityManagerService.java, there is a possible way for isolated processes to register a broadcast receiver due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263358101 | ||||
| CVE-2023-21111 | 1 Google | 1 Android | 2025-01-31 | 6.2 Medium |
| In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769 | ||||
| CVE-2024-20022 | 5 Google, Linuxfoundation, Mediatek and 2 more | 34 Android, Yocto, Mt2737 and 31 more | 2025-01-30 | 6.7 Medium |
| In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255. | ||||
| CVE-2024-20020 | 2 Google, Mediatek | 8 Android, Mt2713, Mt2715 and 5 more | 2025-01-30 | 4.4 Medium |
| In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08522504; Issue ID: ALPS08522504. | ||||
| CVE-2022-48239 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-29 | 4.4 Medium |
| In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2021-39793 | 1 Google | 1 Android | 2025-01-29 | 7.8 High |
| In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210470189References: N/A | ||||
| CVE-2023-20963 | 1 Google | 1 Android | 2025-01-28 | 7.8 High |
| In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519 | ||||
| CVE-2022-48233 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 5.5 Medium |
| In FM service , there is a possible missing params check. This could lead to local denial of service in FM service . | ||||
| CVE-2022-48232 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 5.5 Medium |
| In FM service , there is a possible missing params check. This could lead to local denial of service in FM service . | ||||
| CVE-2022-48231 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 5.5 Medium |
| In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||
| CVE-2022-47493 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 5.5 Medium |
| In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. | ||||