Google

Android

7776 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-0023

  • EPSS 2.84%
  • Veröffentlicht 16.02.2024 20:15:47
  • Zuletzt bearbeitet 16.12.2024 18:52:54

In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...

7.8

CVE-2023-21165

  • EPSS 0.02%
  • Veröffentlicht 16.02.2024 19:15:08
  • Zuletzt bearbeitet 16.12.2024 14:46:05

In DevmemIntUnmapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not n...

5.5

CVE-2023-40085

  • EPSS 0.03%
  • Veröffentlicht 16.02.2024 19:15:08
  • Zuletzt bearbeitet 16.12.2024 14:42:50

In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for e...

7.8

CVE-2024-0015

  • EPSS 3.01%
  • Veröffentlicht 16.02.2024 19:15:08
  • Zuletzt bearbeitet 14.03.2025 18:15:26

In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is no...

7.8

CVE-2024-0036

  • EPSS 0%
  • Veröffentlicht 16.02.2024 02:15:51
  • Zuletzt bearbeitet 16.12.2024 15:58:38

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a logic error in the code. This could lead to local escalation of privilege with no ...

3.3

CVE-2024-0037

  • EPSS 0.02%
  • Veröffentlicht 16.02.2024 02:15:51
  • Zuletzt bearbeitet 03.12.2024 16:15:20

In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction ...

7.8

CVE-2024-0038

  • EPSS 0.03%
  • Veröffentlicht 16.02.2024 02:15:51
  • Zuletzt bearbeitet 16.12.2024 19:02:43

In injectInputEventToInputFilter of AccessibilityManagerService.java, there is a possible arbitrary input event injection due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges need...

7.5

CVE-2024-0040

  • EPSS 18.37%
  • Veröffentlicht 16.02.2024 02:15:51
  • Zuletzt bearbeitet 16.12.2024 19:16:31

In setParameter of MtpPacket.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

7

CVE-2024-0041

  • EPSS 0.02%
  • Veröffentlicht 16.02.2024 02:15:51
  • Zuletzt bearbeitet 28.03.2025 16:15:27

In removePersistentDot of SystemStatusAnimationSchedulerImpl.kt, there is a possible race condition due to a logic error in the code. This could lead to local escalation of privilege that fails to remove the persistent dot with no additional executio...

3.3

CVE-2023-40122

  • EPSS 0.05%
  • Veröffentlicht 16.02.2024 02:15:50
  • Zuletzt bearbeitet 26.11.2024 16:32:40

In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...