VYPR

Android SDK

by Google

CVEs (1,763)

  • CVE-2026-0052MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0051MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0044MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0041MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible UBSan failure due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0040MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0039MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-53131modJun 25, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: netfilter: require Ethernet MAC header before using eth_hdr()

  • CVE-2026-52920modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: netfilter: xt_policy: fix strict mode inbound policy matching

  • CVE-2026-52935modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: xfrm: espintcp: do not reuse an in-progress partial send

  • CVE-2026-52940modJun 24, 2026
    risk 0.39cvss 7.0epss 0.00

    kernel: tun: zero the whole vnet header in tun_put_user()

  • CVE-2026-46322HigJun 9, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tun: free page on build_skb failure in tun_xdp_one() When build_skb() fails in tun_xdp_one(), the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that…

  • CVE-2026-46321HigJun 9, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun_xdp_one() tun_xdp_one() returns -EINVAL on a frame shorter than ETH_HLEN without freeing the page that vhost_net_build_xdp() allocated for it. tun_sendmsg()…

  • CVE-2026-53091impJun 24, 2026
    risk 0.38cvss 7.0epss 0.00

    kernel: net: pull headers in qdisc_pkt_len_segs_init()

  • CVE-2016-0818MedMar 12, 2016
    risk 0.38cvss 5.9epss 0.00

    The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows…

  • CVE-2026-0043MedJun 1, 2026
    risk 0.36cvss 5.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0042MedJun 1, 2026
    risk 0.36cvss 5.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2025-48600MedDec 8, 2025
    risk 0.36cvss 5.5epss 0.00

    In multiple files, there is a possible way to reveal information across users due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2016-3835MedAug 5, 2016
    risk 0.36cvss 5.5epss 0.00

    The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 mishandles heap pointers, which allows attackers to obtain sensitive information via a crafted…

  • CVE-2016-3810MedJul 11, 2016
    risk 0.36cvss 5.5epss 0.00

    The MediaTek Wi-Fi driver in Android before 2016-07-05 on Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28175522 and MediaTek internal bug ALPS02694389.

  • CVE-2016-3809MedJul 11, 2016
    risk 0.36cvss 5.5epss 0.00

    The networking component in Android before 2016-07-05 on Android One, Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 7 (2013), Nexus 9, Nexus Player, and Pixel C devices allows attackers to obtain sensitive information via a crafted application, aka internal bug 27532522.

Page 3 of 89