Google ≫ Android

In handleRun of TextLine.java, there is a possible application crash due to improper input validation. This could lead to remote denial of service when processing Unicode with no additional execution privileges needed. User interaction is not needed ...

In setCpuVulkanInUse of GpuStats.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...

In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. This could lead to local escalation of privilege by installing malicious packages with User execution privilege...

In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. This could lead to local escalation of privilege with ...

In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for ex...

In the Bootloader, there is a possible kernel command injection due to missing command sanitization. This could lead to a local elevation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: A...

In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Produc...

In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio...

In poisson_distribution of random, there is an out of bounds read. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 A...

In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produ...