Google

Android

7776 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-0023

  • EPSS 2.84%
  • Published 16.02.2024 20:15:47
  • Last modified 16.12.2024 18:52:54

In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...

7.8

CVE-2023-21165

  • EPSS 0.02%
  • Published 16.02.2024 19:15:08
  • Last modified 16.12.2024 14:46:05

In DevmemIntUnmapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not n...

5.5

CVE-2023-40085

  • EPSS 0.03%
  • Published 16.02.2024 19:15:08
  • Last modified 16.12.2024 14:42:50

In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for e...

7.8

CVE-2024-0015

  • EPSS 3.01%
  • Published 16.02.2024 19:15:08
  • Last modified 14.03.2025 18:15:26

In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is no...

7.8

CVE-2024-0036

  • EPSS 0%
  • Published 16.02.2024 02:15:51
  • Last modified 16.12.2024 15:58:38

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a logic error in the code. This could lead to local escalation of privilege with no ...

3.3

CVE-2024-0037

  • EPSS 0.02%
  • Published 16.02.2024 02:15:51
  • Last modified 03.12.2024 16:15:20

In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction ...

7.8

CVE-2024-0038

  • EPSS 0.03%
  • Published 16.02.2024 02:15:51
  • Last modified 16.12.2024 19:02:43

In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges need...

7.5

CVE-2024-0040

  • EPSS 18.37%
  • Published 16.02.2024 02:15:51
  • Last modified 16.12.2024 19:16:31

In setParameter of MtpPacket.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

7

CVE-2024-0041

  • EPSS 0.02%
  • Published 16.02.2024 02:15:51
  • Last modified 28.03.2025 16:15:27

In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. This could lead to local escalation of privilege that fails to remove the persistent dot with no additional executio...

3.3

CVE-2023-40122

  • EPSS 0.05%
  • Published 16.02.2024 02:15:50
  • Last modified 26.11.2024 16:32:40

In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...