Google

Android

7776 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-48523

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:34:05
  • Zuletzt bearbeitet 05.09.2025 19:15:19

In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...

7.8

CVE-2025-48522

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:34:04
  • Zuletzt bearbeitet 08.09.2025 16:40:27

In setDisplayName of AssociationRequest.java, there is a possible way for an app to retain CDM association due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interac...

7.8

CVE-2025-32350

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:34:03
  • Zuletzt bearbeitet 08.09.2025 14:04:56

In maybeShowDialog of ControlsSettingsDialogManager.kt, there is a possible overlay of the ControlsSettingsDialog due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. Use...

7.8

CVE-2025-32349

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:34:02
  • Zuletzt bearbeitet 08.09.2025 14:05:18

In multiple locations, there is a possible privilege escalation due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8

CVE-2025-32347

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:34:01
  • Zuletzt bearbeitet 08.09.2025 14:05:28

In onStart of BiometricEnrollIntroduction.java, there is a possible way to determine the device's location due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti...

7.8

CVE-2025-32346

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:34:00
  • Zuletzt bearbeitet 08.09.2025 14:05:36

In onActivityResult of VoicemailSettingsActivity.java, there is a possible work profile contact number leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...

7.8

CVE-2025-32345

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:33:59
  • Zuletzt bearbeitet 08.09.2025 16:40:40

In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of pri...

7.8

CVE-2025-32333

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:33:58
  • Zuletzt bearbeitet 08.09.2025 14:06:10

In startSpaActivityForApp of SpaActivity.kt, there is a possible cross-user permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n...

7.8

CVE-2025-32332

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:33:57
  • Zuletzt bearbeitet 08.09.2025 14:06:33

In multiple locations, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8

CVE-2025-32331

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:33:56
  • Zuletzt bearbeitet 08.09.2025 14:07:51

In showDismissibleKeyguard of KeyguardService.java, there is a possible way to bypass app pinning due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n...