VYPR

Android

by Google

CVEs (4,717)

  • CVE-2023-21171MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2023-21116MedMay 15, 2023
    risk 0.44cvss 6.7epss 0.00

    In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is…

  • CVE-2023-21075MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In get_svc_hash of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21052MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In setToExternal of ril_external_client.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21051MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In dwc3_exynos_clk_get of dwc3-exynos.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21050MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In load_png_image of ExynosHWCHelper.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-20926MedMar 24, 2023
    risk 0.44cvss 6.8epss 0.00

    In onParentVisible of HeaderPrivacyIconsController.kt, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional…

  • CVE-2023-20924MedJan 26, 2023
    risk 0.44cvss 6.8epss 0.00

    In (TBD) of (TBD), there is a possible way to bypass the lockscreen due to Biometric Auth Failure. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-42519MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20581MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In the Pixel camera driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2022-20578MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20576MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20572MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20564MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20557MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20554MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android…

  • CVE-2022-20549MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20546MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In getCurrentConfigImpl of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20539MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20505MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitationProduct: AndroidVersions:…

Page 140 of 236