VYPR

Android SDK

by Google

CVEs (1,763)

  • CVE-2016-2424MedApr 18, 2016
    risk 0.36cvss 5.5epss 0.00

    server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mismanages certain authority data, which allows attackers to cause a denial of service (reboot loop) via a crafted…

  • CVE-2016-0831MedMar 12, 2016
    risk 0.36cvss 5.5epss 0.00

    The getDeviceIdForPhone function in internal/telephony/PhoneSubInfoController.java in Telephony in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not check for the READ_PHONE_STATE permission, which allows attackers to obtain sensitive information via a crafted…

  • CVE-2026-53221modJun 25, 2026
    risk 0.29cvss 5.5epss 0.01

    kernel: ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup()

  • CVE-2026-53219modJun 25, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: netfilter: x_tables: avoid leaking percpu counter pointers

  • CVE-2026-52927modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: netfilter: ebtables: fix OOB read in compat_mtw_from_user

  • CVE-2026-53125lowJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: md: fix array_state=clear sysfs deadlock

  • CVE-2026-52915modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: netfilter: ip6t_hbh: reject oversized option lists

  • CVE-2026-52925modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: vrf: Fix a potential NPD when removing a port from a VRF

  • CVE-2026-46261MedJun 3, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() platform_get_resource_byname() can return NULL, which would cause a crash when passed the pointer to resource_size(). Move the…

  • CVE-2026-46256MedJun 3, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfs_writepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are…

  • CVE-2025-71313MedJun 3, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for alloc_workqueue() alloc_workqueue() can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when…

  • CVE-2016-0821MedMar 12, 2016
    risk 0.29cvss 5.5epss 0.00

    The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection…

  • CVE-2026-46272MedJun 3, 2026
    risk 0.24cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When trying to run perf and sysfs mode simultaneously, the WARN_ON() in tmc_etr_enable_hw() is triggered sometimes: WARNING: CPU: 42 PID:…

  • CVE-2026-0050LowJun 1, 2026
    risk 0.21cvss 3.3epss 0.00

    In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21237KEVJun 28, 2023
    risk 0.12cvss epss 0.00

    In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insufficient UI. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not…

  • CVE-2023-20963KEVMar 24, 2023
    risk 0.12cvss epss 0.01

    In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID:…

  • CVE-2019-2107Jul 8, 2019
    risk 0.06cvss epss 0.09

    In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…

  • CVE-2019-1999Feb 28, 2019
    risk 0.03cvss epss 0.01

    In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.…

  • CVE-2019-2000Feb 28, 2019
    risk 0.03cvss epss 0.01

    In several functions of binder.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android…

  • CVE-2018-9488Nov 6, 2018
    risk 0.03cvss epss 0.00

    In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0…

Page 4 of 89