Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.08%
  • Veröffentlicht 11.09.2024 00:15:11
  • Zuletzt bearbeitet 18.03.2025 21:15:28

In bindAndGetCallIdentification of CallScreeningServiceHelper.java, there is a possible way to maintain a while-in-use permission in the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execu...

  • EPSS 0.08%
  • Veröffentlicht 11.09.2024 00:15:11
  • Zuletzt bearbeitet 17.12.2024 19:10:01

In handleCreateConferenceComplete of ConnectionServiceWrapper.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User i...

  • EPSS 0.08%
  • Veröffentlicht 11.09.2024 00:15:11
  • Zuletzt bearbeitet 17.12.2024 19:10:57

In addPreferencesForType of AccountTypePreferenceLoader.java, there is a possible way to disable apps for other users due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User inte...

  • EPSS 0.11%
  • Veröffentlicht 11.09.2024 00:15:11
  • Zuletzt bearbeitet 17.12.2024 19:07:48

In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...

  • EPSS 0.08%
  • Veröffentlicht 11.09.2024 00:15:11
  • Zuletzt bearbeitet 17.12.2024 19:07:45

In getRegistration of RemoteProvisioningService.java, there is a possible way to permanently disable the AndroidKeyStore key generation feature by updating the attestation keys of all installed apps due to improper input validation. This could lead t...

  • EPSS 0.1%
  • Veröffentlicht 11.09.2024 00:15:11
  • Zuletzt bearbeitet 17.12.2024 19:07:42

In scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for explo...

  • EPSS 0.08%
  • Veröffentlicht 11.09.2024 00:15:10
  • Zuletzt bearbeitet 17.12.2024 19:08:12

In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for ...

  • EPSS 0.08%
  • Veröffentlicht 02.09.2024 05:15:15
  • Zuletzt bearbeitet 05.09.2024 14:26:34

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue I...

  • EPSS 0.08%
  • Veröffentlicht 02.09.2024 05:15:15
  • Zuletzt bearbeitet 05.09.2024 14:26:51

In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932916; Issue I...

  • EPSS 0.1%
  • Veröffentlicht 02.09.2024 05:15:15
  • Zuletzt bearbeitet 13.03.2025 19:15:41

In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932099; Iss...