Google

Android

8032 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-49730

  • EPSS 0.01%
  • Veröffentlicht 02.09.2025 22:11:07
  • Zuletzt bearbeitet 04.09.2025 16:40:08

In FuseDaemon.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

5.5

CVE-2024-49728

  • EPSS 0.01%
  • Veröffentlicht 02.09.2025 22:11:06
  • Zuletzt bearbeitet 04.09.2025 16:40:12

In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible cross user media disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ne...

5.5

CVE-2024-49722

  • EPSS 0.01%
  • Veröffentlicht 02.09.2025 22:11:05
  • Zuletzt bearbeitet 04.09.2025 17:47:47

In showAvatarPicker of EditUserPhotoController.java, there is a possible cross user image leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed fo...

7.8

CVE-2024-49720

  • EPSS 0.01%
  • Veröffentlicht 02.09.2025 22:11:04
  • Zuletzt bearbeitet 04.09.2025 17:47:36

In multiple functions of Permissions.java, there is a possible way to override the state of the user's location permissions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges nee...

7.3

CVE-2024-40653

  • EPSS 0.03%
  • Veröffentlicht 02.09.2025 22:11:03
  • Zuletzt bearbeitet 04.09.2025 17:47:27

In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privilege...

6.7

CVE-2025-20707

  • EPSS 0.01%
  • Veröffentlicht 01.09.2025 05:12:24
  • Zuletzt bearbeitet 03.09.2025 16:06:46

In geniezone, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALP...

7.8

CVE-2025-20706

  • EPSS 0.01%
  • Veröffentlicht 01.09.2025 05:12:22
  • Zuletzt bearbeitet 03.09.2025 16:06:51

In mbrain, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09...

7.8

CVE-2025-20705

  • EPSS 0.01%
  • Veröffentlicht 01.09.2025 05:12:21
  • Zuletzt bearbeitet 03.09.2025 16:07:32

In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ...

4

CVE-2025-26417

  • EPSS 0.02%
  • Veröffentlicht 26.08.2025 22:48:58
  • Zuletzt bearbeitet 02.09.2025 17:59:29

In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure with no additional execution privil...

4

CVE-2025-22413

  • EPSS 0.01%
  • Veröffentlicht 26.08.2025 22:48:57
  • Zuletzt bearbeitet 02.09.2025 17:59:41

In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploit...