Google

Android

8032 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-0028

  • EPSS 0.01%
  • Veröffentlicht 05.09.2025 16:10:01
  • Zuletzt bearbeitet 08.09.2025 16:38:34

In Audio Service, there is a possible way to obtain MAC addresses of nearby Bluetooth devices due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ...

7.8

CVE-2025-32322

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:39:27
  • Zuletzt bearbeitet 05.09.2025 18:59:59

In onCreate of MediaProjectionPermissionActivity.java , there is a possible way to grant a malicious app a token enabling unauthorized screen recording capabilities due to improper input validation. This could lead to local escalation of privilege wi...

7.8

CVE-2025-26439

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:28:10
  • Zuletzt bearbeitet 05.09.2025 19:08:32

In getComponentName of AccessibilitySettingsUtils.java, there is a possible way to for a malicious Talkback service to be enabled instead of the system component due to a logic error in the code. This could lead to local escalation of privilege with ...

7.8

CVE-2025-26431

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:28:09
  • Zuletzt bearbeitet 05.09.2025 18:59:29

In setupAccessibilityServices of AccessibilityFragment.java, there is a possible way to hide an enabled accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges n...

3.3

CVE-2025-26419

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:28:08
  • Zuletzt bearbeitet 05.09.2025 18:59:44

In initPhoneSwitch of SystemSettingsFragment.java, there is a possible FRP bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploi...

6.2

CVE-2024-40664

  • EPSS 0.09%
  • Veröffentlicht 04.09.2025 19:28:07
  • Zuletzt bearbeitet 08.09.2025 14:03:20

In setupAccessibilityServices of AccessibilityFragment.java , there is a possible way to hide an enabled accessibility service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed...

4

CVE-2025-22415

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:23:54
  • Zuletzt bearbeitet 05.09.2025 19:08:58

In android_app of Android.bp, there is a possible way to launch any activity as a system user. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8

CVE-2025-22414

  • EPSS 0.01%
  • Veröffentlicht 04.09.2025 19:23:53
  • Zuletzt bearbeitet 05.09.2025 19:08:51

In FrpBypassAlertActivity of FrpBypassAlertActivity.java, there is a possible way to bypass FRP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

4

CVE-2024-49731

  • EPSS 0.03%
  • Veröffentlicht 04.09.2025 19:18:59
  • Zuletzt bearbeitet 05.09.2025 19:08:43

In apk-versions.txt, there is a possible corruption of telemetry opt-in settings on other watches when setting up a new Pixel Watch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privil...

8.4

CVE-2025-48581

Medienbericht
  • EPSS 0%
  • Veröffentlicht 04.09.2025 18:34:41
  • Zuletzt bearbeitet 18.11.2025 05:16:07

In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne...