Google

Android

7776 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-25992

  • EPSS 0.05%
  • Veröffentlicht 11.03.2024 19:15:47
  • Zuletzt bearbeitet 03.04.2025 15:57:13

In tmu_tz_control of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

8.4

CVE-2024-25993

  • EPSS 0.04%
  • Veröffentlicht 11.03.2024 19:15:47
  • Zuletzt bearbeitet 03.04.2025 15:57:09

In tmu_reset_tmu_trip_counter of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4

CVE-2024-27204

  • EPSS 0.02%
  • Veröffentlicht 11.03.2024 19:15:47
  • Zuletzt bearbeitet 03.04.2025 15:57:04

In tmu_set_gov_active of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

8.4

CVE-2024-27205

  • EPSS 0.02%
  • Veröffentlicht 11.03.2024 19:15:47
  • Zuletzt bearbeitet 03.04.2025 15:56:38

there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

8.8

CVE-2024-23717

  • EPSS 0.28%
  • Veröffentlicht 11.03.2024 17:15:46
  • Zuletzt bearbeitet 16.12.2024 19:28:06

In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve keystroke injection due to improper input validation. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privile...

9.8

CVE-2024-0039

  • EPSS 26.25%
  • Veröffentlicht 11.03.2024 17:15:45
  • Zuletzt bearbeitet 13.03.2025 19:15:40

In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitatio...

6.7

CVE-2024-0044

Exploit
  • EPSS 4.59%
  • Veröffentlicht 11.03.2024 17:15:45
  • Zuletzt bearbeitet 28.01.2025 20:15:30

In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne...

6.5

CVE-2024-0045

  • EPSS 0.1%
  • Veröffentlicht 11.03.2024 17:15:45
  • Zuletzt bearbeitet 17.12.2024 15:41:13

In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not n...

7.8

CVE-2024-0046

  • EPSS 0%
  • Veröffentlicht 11.03.2024 17:15:45
  • Zuletzt bearbeitet 16.12.2024 19:50:16

In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User inter...

5.5

CVE-2024-0047

  • EPSS 0.04%
  • Veröffentlicht 11.03.2024 17:15:45
  • Zuletzt bearbeitet 27.03.2025 16:15:20

In writeUserLP of UserManagerService.java, device policies are serialized with an incorrect tag due to a logic error in the code. This could lead to local denial of service when policies are deserialized on reboot with no additional execution privile...