Android
by Google
CVEs (4,716)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-13263 | Hig | 0.47 | 7.3 | 0.00 | Apr 4, 2018 | A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 8.0, 8.1. Android ID: A-69383160. | ||
| CVE-2017-13307 | Hig | 0.47 | 7.3 | 0.00 | Apr 4, 2018 | A elevation of privilege vulnerability in the Upstream kernel pci sysfs. Product: Android. Versions: Android kernel. Android ID: A-69128924. | ||
| CVE-2017-13306 | Hig | 0.47 | 7.3 | 0.00 | Apr 4, 2018 | A elevation of privilege vulnerability in the Upstream kernel mnh driver. Product: Android. Versions: Android kernel. Android ID: A-70295063. | ||
| CVE-2016-3841 | Hig | 0.47 | 7.3 | 0.00 | Aug 6, 2016 | The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call. | ||
| CVE-2016-3850 | Hig | 0.47 | 7.3 | 0.00 | Aug 5, 2016 | Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted header field in a boot image, aka Android internal bug 27917291 and Qualcomm internal bug… | ||
| CVE-2016-2497 | Hig | 0.47 | 7.3 | 0.01 | Aug 5, 2016 | services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal… | ||
| CVE-2016-0728 | Hig | 0.47 | 7.8 | 0.04 | Feb 8, 2016 | The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted… | ||
| CVE-2014-9322 | Hig | 0.47 | 7.8 | 0.01 | Dec 17, 2014 | arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the… | ||
| CVE-2024-49724 | Hig | 0.46 | 7.0 | 0.00 | Jan 21, 2025 | In multiple functions of AccountManagerService.java, there is a possible way to bypass permissions and launch protected activities due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed… | ||
| CVE-2018-9461 | Hig | 0.46 | 7.0 | 0.00 | Jan 18, 2025 | In onAttachFragment of ShareIntentActivity.java, there is a possible way for an app to read files in the messages app due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2018-9468 | Hig | 0.46 | 7.1 | 0.00 | Nov 20, 2024 | In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-23716 | Hig | 0.46 | 7.0 | 0.00 | Sep 11, 2024 | In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-34731 | Hig | 0.46 | 7.0 | 0.00 | Aug 15, 2024 | In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-34725 | Hig | 0.46 | 7.0 | 0.00 | Jul 9, 2024 | In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-34724 | Hig | 0.46 | 7.0 | 0.00 | Jul 9, 2024 | In _UnrefAndMaybeDestroy of pmr.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-31327 | Hig | 0.46 | 7.0 | 0.00 | Jul 9, 2024 | In multiple functions of MessageQueueBase.h, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-32920 | Hig | 0.46 | 7.1 | 0.00 | Jun 13, 2024 | In set_secure_reg of sac_handler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-32917 | Hig | 0.46 | 7.1 | 0.00 | Jun 13, 2024 | In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||
| CVE-2024-32899 | Hig | 0.46 | 7.0 | 0.00 | Jun 13, 2024 | In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2024-32891 | Hig | 0.46 | 7.0 | 0.00 | Jun 13, 2024 | In sec_media_unprotect of media.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
- risk 0.47cvss 7.3epss 0.00
A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 8.0, 8.1. Android ID: A-69383160.
- risk 0.47cvss 7.3epss 0.00
A elevation of privilege vulnerability in the Upstream kernel pci sysfs. Product: Android. Versions: Android kernel. Android ID: A-69128924.
- risk 0.47cvss 7.3epss 0.00
A elevation of privilege vulnerability in the Upstream kernel mnh driver. Product: Android. Versions: Android kernel. Android ID: A-70295063.
- risk 0.47cvss 7.3epss 0.00
The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.
- risk 0.47cvss 7.3epss 0.00
Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted header field in a boot image, aka Android internal bug 27917291 and Qualcomm internal bug…
- risk 0.47cvss 7.3epss 0.01
services/core/java/com/android/server/pm/PackageManagerService.java in the framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01 allows attackers to increase intent-filter priority via a crafted application, aka internal…
- risk 0.47cvss 7.8epss 0.04
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted…
- risk 0.47cvss 7.8epss 0.01
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the…
- risk 0.46cvss 7.0epss 0.00
In multiple functions of AccountManagerService.java, there is a possible way to bypass permissions and launch protected activities due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed…
- risk 0.46cvss 7.0epss 0.00
In onAttachFragment of ShareIntentActivity.java, there is a possible way for an app to read files in the messages app due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…
- risk 0.46cvss 7.1epss 0.00
In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.46cvss 7.0epss 0.00
In DevmemIntPFNotify of devicemem_server.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.46cvss 7.0epss 0.00
In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.46cvss 7.0epss 0.00
In DevmemIntUnexportCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.46cvss 7.0epss 0.00
In _UnrefAndMaybeDestroy of pmr.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.46cvss 7.0epss 0.00
In multiple functions of MessageQueueBase.h, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.46cvss 7.1epss 0.00
In set_secure_reg of sac_handler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.46cvss 7.1epss 0.00
In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- risk 0.46cvss 7.0epss 0.00
In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for…
- risk 0.46cvss 7.0epss 0.00
In sec_media_unprotect of media.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Page 125 of 236