Android

android

Vendor: Google • 8,095 CVEs

CVEs (8,095)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-31712 1Google 1Android Jun 10, 2025 Jun 3, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 In cplog service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.
CVE-2025-31711 1Google 1Android Jun 10, 2025 Jun 3, 2025 N/A· v4 6.2 MEDIUM· v3 N/A· v2 In cplog service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with no additional execution privileges needed.
CVE-2025-31710 1Google 1Android Jun 10, 2025 Jun 3, 2025 N/A· v4 8.4 HIGH· v3 N/A· v2 In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.
CVE-2025-27701 1Google 1Android Jul 24, 2025 May 27, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In the function process_crypto_cmd, the values of ptrs[i] can be potentially equal to NULL which is valid value after calling slice_map_array(). Later this values will be derefenced without prior NULL check, which can le...Show more In the function process_crypto_cmd, the values of ptrs[i] can be potentially equal to NULL which is valid value after calling slice_map_array(). Later this values will be derefenced without prior NULL check, which can lead to local Temporary DoS or OOB Read, leading to information disclosure.Show less
CVE-2025-27700 1Google 1Android Jul 24, 2025 May 27, 2025 N/A· v4 8.4 HIGH· v3 N/A· v2 There is a possible bypass of carrier restrictions due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploit...Show more There is a possible bypass of carrier restrictions due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-56193 1Google 1Android Jul 24, 2025 May 27, 2025 N/A· v4 5.1 MEDIUM· v3 N/A· v2 There is a possible disclosure of Bluetooth adapter details due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...Show more There is a possible disclosure of Bluetooth adapter details due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-20980 1Google 1Android Oct 2, 2025 May 7, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to cause memory corruption.
CVE-2025-20979 1Google 1Android Oct 2, 2025 May 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to execute arbitrary code.
CVE-2025-20671 1Google 1Android May 7, 2025 May 5, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed...Show more In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09698599; Issue ID: MSV-3228.Show less
CVE-2025-20668 1Google 1Android May 7, 2025 May 5, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not need...Show more In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027.Show less
CVE-2025-20665 1Google 1Android May 12, 2025 May 5, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of device identifier with no additional execution privileges needed. User interactio...Show more In devinfo, there is a possible information disclosure due to a missing SELinux policy. This could lead to local information disclosure of device identifier with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09555228; Issue ID: MSV-2760.Show less
CVE-2025-20662 2Google Mediatek 2Android Mt9972 Apr 14, 2025 Apr 7, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is...Show more In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04428276; Issue ID: MSV-3184.Show less
CVE-2025-20661 2Google Mediatek 2Android Mt9972 Apr 14, 2025 Apr 7, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is...Show more In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3185.Show less
CVE-2025-20660 1Google 1Android Apr 18, 2025 Apr 7, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is...Show more In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3186.Show less
CVE-2025-20658 2Google Mediatek 19Android Mt2718Mt6781+16 more Apr 9, 2025 Apr 7, 2025 N/A· v4 6.0 MEDIUM· v3 N/A· v2 In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User...Show more In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597.Show less
CVE-2025-20657 1Google 1Android Apr 18, 2025 Apr 7, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not ne...Show more In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609.Show less
CVE-2025-20656 5Google LinuxfoundationMediatek+2 more 20Android Mt6781Mt6789+17 more Apr 9, 2025 Apr 7, 2025 N/A· v4 6.8 MEDIUM· v3 N/A· v2 In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges ne...Show more In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033.Show less
CVE-2025-20655 2Google Mediatek 2Android Mt9972 Apr 9, 2025 Apr 7, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not...Show more In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04427687; Issue ID: MSV-3183.Show less
CVE-2024-56192 1Google 1Android Jun 27, 2025 Mar 10, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User inter...Show more In wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-56191 1Google 1Android Jun 27, 2025 Mar 10, 2025 N/A· v4 8.4 HIGH· v3 N/A· v2 In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...Show more In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less

Previous 1...262728...405 Next