VYPR

Android SDK

by Google

CVEs (1,652)

  • CVE-2018-9566MedDec 6, 2018
    risk 0.37cvss 5.7epss 0.00

    In process_service_search_rsp of sdp_discovery.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure when connecting to a malicious Bluetooth device with no additional execution privileges needed. User…

  • CVE-2026-0043MedJun 1, 2026
    risk 0.36cvss 5.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0042MedJun 1, 2026
    risk 0.36cvss 5.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2025-48600MedDec 8, 2025
    risk 0.36cvss 5.5epss 0.00

    In multiple files, there is a possible way to reveal information across users due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2022-20264MedOct 30, 2023
    risk 0.36cvss 5.5epss 0.00

    In Usage Stats Service, there is a possible way to determine whether an app is installed, without query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not…

  • CVE-2023-21211MedJun 28, 2023
    risk 0.36cvss 5.5epss 0.00

    In multiple files, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android…

  • CVE-2023-21205MedJun 28, 2023
    risk 0.36cvss 5.5epss 0.00

    In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21200MedJun 28, 2023
    risk 0.36cvss 5.5epss 0.00

    In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21198MedJun 28, 2023
    risk 0.36cvss 5.5epss 0.00

    In remove_sdp_record of btif_sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21177MedJun 28, 2023
    risk 0.36cvss 5.5epss 0.00

    In requestAppKeyboardShortcuts of WindowManagerService.java, there is a possible way to infer the app a user is interacting with due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is…

  • CVE-2023-21173MedJun 28, 2023
    risk 0.36cvss 5.5epss 0.00

    In multiple methods of DataUsageList.java, there is a possible way to learn about admin user's network activities due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21143MedJun 15, 2023
    risk 0.36cvss 5.5epss 0.00

    In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21142MedJun 15, 2023
    risk 0.36cvss 5.5epss 0.00

    In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21141MedJun 15, 2023
    risk 0.36cvss 5.5epss 0.00

    In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21137MedJun 15, 2023
    risk 0.36cvss 5.5epss 0.00

    In several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12…

  • CVE-2023-21136MedJun 15, 2023
    risk 0.36cvss 5.5epss 0.00

    In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21105MedJun 15, 2023
    risk 0.36cvss 5.5epss 0.00

    In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21082MedApr 19, 2023
    risk 0.36cvss 5.5epss 0.00

    In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not…

  • CVE-2023-21080MedApr 19, 2023
    risk 0.36cvss 5.5epss 0.00

    In register_notification_rsp of btif_rc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21033MedMar 24, 2023
    risk 0.36cvss 5.5epss 0.00

    In addNetwork of WifiManager.java, there is a possible way to trigger a persistent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

Page 54 of 83