Android SDK
by Google
CVEs (1,652)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-2020 | Med | 0.42 | 6.5 | 0.01 | Jun 19, 2019 | In llcp_dlc_proc_rr_rnr_pdu of llcp_dlc.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2019-2019 | Med | 0.42 | 6.5 | 0.01 | Jun 19, 2019 | In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2018-9564 | Med | 0.42 | 6.5 | 0.01 | Jun 19, 2019 | In llcp_util_parse_link_params of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:… | ||
| CVE-2018-9563 | Med | 0.42 | 6.5 | 0.01 | Jun 19, 2019 | In llcp_util_parse_cc of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2018-9561 | Med | 0.42 | 6.5 | 0.01 | Jun 19, 2019 | In llcp_util_parse_connect of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2019-1996 | Med | 0.42 | 6.5 | 0.00 | Feb 28, 2019 | In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.… | ||
| CVE-2018-9594 | Med | 0.42 | 6.5 | 0.00 | Feb 11, 2019 | In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure over NFC with no additional… | ||
| CVE-2018-9593 | Med | 0.42 | 6.5 | 0.00 | Feb 11, 2019 | In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over NFC with no additional… | ||
| CVE-2018-9588 | Med | 0.42 | 6.5 | 0.01 | Feb 11, 2019 | In avdt_scb_hdl_report of avdt_scb_act.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no… | ||
| CVE-2018-9347 | Med | 0.42 | 6.5 | 0.01 | Nov 14, 2018 | In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect input validation causing an infinite loop. This could lead to a remote temporary DoS with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:… | ||
| CVE-2026-53131 | mod | 0.39 | 7.0 | 0.00 | Jun 25, 2026 | kernel: netfilter: require Ethernet MAC header before using eth_hdr() | ||
| CVE-2026-52935 | mod | 0.39 | 7.0 | 0.00 | Jun 24, 2026 | kernel: xfrm: espintcp: do not reuse an in-progress partial send | ||
| CVE-2026-52920 | mod | 0.39 | 7.0 | 0.00 | Jun 24, 2026 | kernel: netfilter: xt_policy: fix strict mode inbound policy matching | ||
| CVE-2026-52940 | mod | 0.39 | 7.0 | 0.00 | Jun 24, 2026 | kernel: tun: zero the whole vnet header in tun_put_user() | ||
| CVE-2026-46322 | Hig | 0.39 | 7.1 | 0.00 | Jun 9, 2026 | In the Linux kernel, the following vulnerability has been resolved: tun: free page on build_skb failure in tun_xdp_one() When build_skb() fails in tun_xdp_one(), the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that… | ||
| CVE-2026-46321 | Hig | 0.39 | 7.1 | 0.00 | Jun 9, 2026 | In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun_xdp_one() tun_xdp_one() returns -EINVAL on a frame shorter than ETH_HLEN without freeing the page that vhost_net_build_xdp() allocated for it. tun_sendmsg()… | ||
| CVE-2026-53091 | imp | 0.38 | 7.0 | 0.00 | Jun 24, 2026 | kernel: net: pull headers in qdisc_pkt_len_segs_init() | ||
| CVE-2019-9399 | Med | 0.38 | 5.9 | 0.00 | Sep 27, 2019 | The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:… | ||
| CVE-2016-0818 | Med | 0.38 | 5.9 | 0.00 | Mar 12, 2016 | The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows… | ||
| CVE-2020-0379 | Med | 0.37 | 5.7 | 0.00 | Sep 17, 2020 | In the Bluetooth service, there is a possible spoofing attack due to a logic error. This could lead to remote information disclosure of sensitive information with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:… |
- risk 0.42cvss 6.5epss 0.01
In llcp_dlc_proc_rr_rnr_pdu of llcp_dlc.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction needed for exploitation.Product: AndroidVersions:…
- risk 0.42cvss 6.5epss 0.01
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…
- risk 0.42cvss 6.5epss 0.01
In llcp_util_parse_link_params of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:…
- risk 0.42cvss 6.5epss 0.01
In llcp_util_parse_cc of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…
- risk 0.42cvss 6.5epss 0.01
In llcp_util_parse_connect of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…
- risk 0.42cvss 6.5epss 0.00
In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.…
- risk 0.42cvss 6.5epss 0.00
In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure over NFC with no additional…
- risk 0.42cvss 6.5epss 0.00
In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over NFC with no additional…
- risk 0.42cvss 6.5epss 0.01
In avdt_scb_hdl_report of avdt_scb_act.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no…
- risk 0.42cvss 6.5epss 0.01
In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect input validation causing an infinite loop. This could lead to a remote temporary DoS with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:…
- risk 0.39cvss 7.0epss 0.00
kernel: netfilter: require Ethernet MAC header before using eth_hdr()
- risk 0.39cvss 7.0epss 0.00
kernel: xfrm: espintcp: do not reuse an in-progress partial send
- risk 0.39cvss 7.0epss 0.00
kernel: netfilter: xt_policy: fix strict mode inbound policy matching
- risk 0.39cvss 7.0epss 0.00
kernel: tun: zero the whole vnet header in tun_put_user()
- risk 0.39cvss 7.1epss 0.00
In the Linux kernel, the following vulnerability has been resolved: tun: free page on build_skb failure in tun_xdp_one() When build_skb() fails in tun_xdp_one(), the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that…
- risk 0.39cvss 7.1epss 0.00
In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun_xdp_one() tun_xdp_one() returns -EINVAL on a frame shorter than ETH_HLEN without freeing the page that vhost_net_build_xdp() allocated for it. tun_sendmsg()…
- risk 0.38cvss 7.0epss 0.00
kernel: net: pull headers in qdisc_pkt_len_segs_init()
- risk 0.38cvss 5.9epss 0.00
The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:…
- risk 0.38cvss 5.9epss 0.00
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows…
- risk 0.37cvss 5.7epss 0.00
In the Bluetooth service, there is a possible spoofing attack due to a logic error. This could lead to remote information disclosure of sensitive information with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…
Page 53 of 83