Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2025-0082

  • EPSS 0.01%
  • Veröffentlicht 26.08.2025 22:48:41
  • Zuletzt bearbeitet 02.09.2025 18:03:07

In multiple functions of StatusHint.java and TelecomServiceImpl.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User...

7.5

CVE-2025-0081

  • EPSS 0.1%
  • Veröffentlicht 26.08.2025 22:48:40
  • Zuletzt bearbeitet 02.09.2025 18:03:13

In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not need...

7.8

CVE-2025-0080

  • EPSS 0.01%
  • Veröffentlicht 26.08.2025 22:48:39
  • Zuletzt bearbeitet 02.09.2025 18:05:22

In multiple locations, there is a possible way to overlay the installation confirmation dialog due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

7.8

CVE-2025-0079

  • EPSS 0.01%
  • Veröffentlicht 26.08.2025 22:48:38
  • Zuletzt bearbeitet 02.09.2025 18:05:15

In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed...

8.8

CVE-2025-0078

  • EPSS 0.03%
  • Veröffentlicht 26.08.2025 22:48:37
  • Zuletzt bearbeitet 02.09.2025 18:08:26

In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

9.8

CVE-2025-0075

  • EPSS 0.19%
  • Veröffentlicht 26.08.2025 22:48:36
  • Zuletzt bearbeitet 02.09.2025 18:08:32

In process_service_search_attr_req of sdp_server.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed fo...

9.8

CVE-2025-0074

  • EPSS 0.19%
  • Veröffentlicht 26.08.2025 22:48:35
  • Zuletzt bearbeitet 02.09.2025 18:08:37

In process_service_attr_rsp of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for ex...

5.5

CVE-2024-49740

  • EPSS 0.01%
  • Veröffentlicht 26.08.2025 22:48:34
  • Zuletzt bearbeitet 02.09.2025 18:08:42

In multiple locations, there is a possible crash loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

8

CVE-2023-21125

  • EPSS 0.02%
  • Veröffentlicht 26.08.2025 22:48:27
  • Zuletzt bearbeitet 02.09.2025 18:08:50

In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not nee...

5.5

CVE-2025-21024

  • EPSS 0.01%
  • Veröffentlicht 06.08.2025 04:23:42
  • Zuletzt bearbeitet 02.10.2025 17:29:47

Use of Implicit Intent for Sensitive Communication in Smart View prior to Android 16 allows local attackers to access sensitive information.