Google

Android

7776 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2025-26427

  • EPSS 0%
  • Veröffentlicht 04.09.2025 17:11:51
  • Zuletzt bearbeitet 05.09.2025 19:11:56

In multiple locations, there is a possible Android/data access due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

5.1

CVE-2025-26426

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 17:11:50
  • Zuletzt bearbeitet 05.09.2025 19:11:41

In BroadcastController.java of registerReceiverWithFeatureTraced, there is a possible way to receive broadcasts meant for the "android" package due to improper input validation. This could lead to local escalation of privilege with no additional exec...

4

CVE-2025-26425

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 17:11:49
  • Zuletzt bearbeitet 05.09.2025 19:11:30

In multiple functions of RoleService.java, there is a possible permission squatting vulnerability due to a logic error in the code. This could lead to local escalation of privilege on versions of Android where android.permission.MANAGE_DEFAULT_APPLIC...

4

CVE-2025-26424

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 17:11:48
  • Zuletzt bearbeitet 05.09.2025 19:11:21

In multiple functions of VpnManager.java, there is a possible cross-user data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ex...

6.2

CVE-2025-26423

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 17:11:47
  • Zuletzt bearbeitet 05.09.2025 19:11:12

In validateIpConfiguration of WifiConfigurationUtil.java, there is a possible way to trigger a permanent DoS due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interact...

4

CVE-2025-26422

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 17:11:46
  • Zuletzt bearbeitet 05.09.2025 18:55:05

In dump of WindowManagerService.java, there is a possible way of running dumpsys without the required permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User ...

4

CVE-2025-26421

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 17:11:45
  • Zuletzt bearbeitet 05.09.2025 18:55:28

In multiple locations, there is a possible lock screen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

4.4

CVE-2025-26420

  • EPSS 0%
  • Veröffentlicht 04.09.2025 17:11:44
  • Zuletzt bearbeitet 05.09.2025 18:55:46

In multiple functions of GrantPermissionsActivity.java , there is a possible way to trick the user into granting the incorrect permission due to permission overload. This could lead to local escalation of privilege with no additional execution privil...

5.1

CVE-2025-22425

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 17:11:43
  • Zuletzt bearbeitet 05.09.2025 18:56:05

In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

5.1

CVE-2025-0087

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 17:11:42
  • Zuletzt bearbeitet 05.09.2025 18:56:18

In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...