Android

android

Vendor: Google • 8,095 CVEs

CVEs (8,095)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-39430 1Google 1Android Nov 21, 2024 Jul 1, 2024 N/A· v4 6.2 MEDIUM· v3 N/A· v2 In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
CVE-2024-39429 1Google 1Android Nov 21, 2024 Jul 1, 2024 N/A· v4 6.2 MEDIUM· v3 N/A· v2 In faceid servive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
CVE-2024-39428 1Google 1Android Nov 21, 2024 Jul 1, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2024-39427 1Google 1Android Nov 21, 2024 Jul 1, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 In trusty service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2024-20081 4Google LinuxfoundationOpenwrt+1 more 4Android OpenwrtRdk B+1 more Mar 13, 2025 Jul 1, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl...Show more In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412.Show less
CVE-2024-20080 3Google LinuxfoundationRdkcentral 3Android Rdk BYocto May 28, 2025 Jul 1, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is n...Show more In gnss service, there is a possible escalation of privilege due to improper certificate validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08720039; Issue ID: MSV-1424.Show less
CVE-2024-20079 1Google 1Android Mar 13, 2025 Jul 1, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl...Show more In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: MSV-1491.Show less
CVE-2024-20078 1Google 1Android May 28, 2025 Jul 1, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID:...Show more In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08737250; Issue ID: MSV-1452.Show less
CVE-2024-32930 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 In plugin_ipc_handler of slc_plugin.c, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privile...Show more In plugin_ipc_handler of slc_plugin.c, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32929 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 In gpu_slc_get_region of pixel_gpu_slc.c, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...Show more In gpu_slc_get_region of pixel_gpu_slc.c, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32926 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 there is a possible information disclosure due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ex...Show more there is a possible information disclosure due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32925 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interacti...Show more In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32924 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 In DeregAcceptProcINT of cn_NrmmStateDeregInit.cpp, there is a possible denial of service due to a logic error in the code. This could lead to remote denial of service with no additional execution privileges needed. User...Show more In DeregAcceptProcINT of cn_NrmmStateDeregInit.cpp, there is a possible denial of service due to a logic error in the code. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32923 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 4.0 MEDIUM· v3 N/A· v2 there is a possible cellular denial of service due to a logic error in the code. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...Show more there is a possible cellular denial of service due to a logic error in the code. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32922 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 7.4 HIGH· v3 N/A· v2 In gpu_pm_power_on_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional executio...Show more In gpu_pm_power_on_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32921 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 7.4 HIGH· v3 N/A· v2 In lwis_initialize_transaction_fences of lwis_fence.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges neede...Show more In lwis_initialize_transaction_fences of lwis_fence.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32920 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 In set_secure_reg of sac_handler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges...Show more In set_secure_reg of sac_handler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32919 1Google 1Android Jul 22, 2025 Jun 13, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 In lwis_add_completion_fence of lwis_fence.c, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User inter...Show more In lwis_add_completion_fence of lwis_fence.c, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-32918 1Google 1Android Nov 21, 2024 Jun 13, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Permission Bypass allowing attackers to disable HDCP 2.2 encryption by not completing the HDCP Key Exchange initialization steps
CVE-2024-32917 1Google 1Android Jul 24, 2025 Jun 13, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User...Show more In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less

Previous 1...474849...405 Next