Android

android

Vendor: Google • 8,095 CVEs

CVEs (8,095)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-20152 4Google LinuxfoundationMediatek+1 more 4Android OpenwrtSoftware Development Kit+1 more Apr 21, 2025 Jan 6, 2025 N/A· v4 4.4 MEDIUM· v3 N/A· v2 In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction...Show more In wlan STA driver, there is a possible reachable assertion due to improper exception handling. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00389047 / ALPS09136505; Issue ID: MSV-1798.Show less
CVE-2024-20148 3Google LinuxfoundationMediatek 3Android Software Development KitYocto Apr 22, 2025 Jan 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is n...Show more In wlan STA FW, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389045 / ALPS09136494; Issue ID: MSV-1796.Show less
CVE-2024-20146 4Google LinuxfoundationMediatek+1 more 4Android OpenwrtSoftware Development Kit+1 more Apr 22, 2025 Jan 6, 2025 N/A· v4 8.1 HIGH· v3 N/A· v2 In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction...Show more In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835.Show less
CVE-2024-20145 4Google LinuxfoundationOpenwrt+1 more 4Android OpenwrtRdk B+1 more Apr 22, 2025 Jan 6, 2025 N/A· v4 6.6 MEDIUM· v3 N/A· v2 In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges...Show more In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09290940; Issue ID: MSV-2040.Show less
CVE-2024-20144 4Google LinuxfoundationOpenwrt+1 more 4Android OpenwrtRdk B+1 more Apr 22, 2025 Jan 6, 2025 N/A· v4 6.6 MEDIUM· v3 N/A· v2 In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges...Show more In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; Issue ID: MSV-2041.Show less
CVE-2024-20143 4Google LinuxfoundationOpenwrt+1 more 4Android OpenwrtRdk B+1 more Apr 22, 2025 Jan 6, 2025 N/A· v4 6.6 MEDIUM· v3 N/A· v2 In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges...Show more In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056; Issue ID: MSV-2069.Show less
CVE-2024-20140 2Google Linuxfoundation 2Android Yocto Apr 22, 2025 Jan 6, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not ne...Show more In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09270402; Issue ID: MSV-2020.Show less
CVE-2024-20105 1Google 1Android Apr 22, 2025 Jan 6, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not need...Show more In m4u, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09062027; Issue ID: MSV-1743.Show less
CVE-2024-53842 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User inte...Show more In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-53841 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...Show more In startListeningForDeviceStateChanges, there is a possible Permission Bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-53840 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 there is a possible biometric bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-53839 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In GetCellInfoList() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Inter...Show more In GetCellInfoList() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation.Show less
CVE-2024-53838 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execut...Show more In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-53837 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interac...Show more In prepare_response of lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-53836 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction...Show more In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-53835 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 there is a possible biometric bypass due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-53834 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges n...Show more In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-53833 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed...Show more In prepare_response_locked of lwis_transaction.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-47032 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. U...Show more In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-11624 1Google 1Android Jul 24, 2025 Jan 3, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitatio...Show more there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less

Previous 1...313233...405 Next