Google

Android

7930 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-26439

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:28:10
  • Zuletzt bearbeitet 05.09.2025 19:08:32

In getComponentName of AccessibilitySettingsUtils.java, there is a possible way to for a malicious Talkback service to be enabled instead of the system component due to a logic error in the code. This could lead to local escalation of privilege with ...

7.8

CVE-2025-26431

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:28:09
  • Zuletzt bearbeitet 05.09.2025 18:59:29

In setupAccessibilityServices of AccessibilityFragment.java, there is a possible way to hide an enabled accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges n...

3.3

CVE-2025-26419

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:28:08
  • Zuletzt bearbeitet 05.09.2025 18:59:44

In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploi...

6.2

CVE-2024-40664

  • EPSS 0.09%
  • Veröffentlicht 04.09.2025 19:28:07
  • Zuletzt bearbeitet 08.09.2025 14:03:20

In setupAccessibilityServices of AccessibilityFragment.java , there is a possible way to hide an enabled accessibility service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed...

4

CVE-2025-22415

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:23:54
  • Zuletzt bearbeitet 05.09.2025 19:08:58

In android_app of Android.bp, there is a possible way to launch any activity as a system user. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8

CVE-2025-22414

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:23:53
  • Zuletzt bearbeitet 05.09.2025 19:08:51

In FrpBypassAlertActivity of FrpBypassAlertActivity.java, there is a possible way to bypass FRP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

4

CVE-2024-49731

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:18:59
  • Zuletzt bearbeitet 05.09.2025 19:08:43

In apk-versions.txt, there is a possible corruption of telemetry opt-in settings on other watches when setting up a new Pixel Watch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privil...

8.4

CVE-2025-48581

Medienbericht
  • EPSS 0%
  • Veröffentlicht 04.09.2025 18:34:41
  • Zuletzt bearbeitet 18.11.2025 05:16:07

In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne...

7.8

CVE-2025-48563

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 18:34:40
  • Zuletzt bearbeitet 08.09.2025 14:03:37

In onNullBinding of RemoteFillService.java, there is a possible background activity launch due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...

5

CVE-2025-48562

  • EPSS 0%
  • Veröffentlicht 04.09.2025 18:34:39
  • Zuletzt bearbeitet 26.09.2025 14:01:36

In writeContent of RemotePrintDocument.java, there is a possible information disclosure due to a logic error. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.