VYPR

Android

by Google

CVEs (4,717)

  • CVE-2024-56187MedMar 10, 2025
    risk 0.43cvss 6.6epss 0.00

    In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to a logic error in the code. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2015-6643MedJan 6, 2016
    risk 0.43cvss 6.6epss 0.00

    Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka internal bug 25290269.

  • CVE-2026-0080MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0051MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0044MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2026-0041MedJun 1, 2026
    risk 0.42cvss 6.5epss 0.00

    In multiple functions of ubsan_throwing_runtime.cpp, there is a possible UBSan failure due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-40673MedJan 28, 2025
    risk 0.42cvss 6.5epss 0.00

    In Source of ZipFile.java, there is a possible way for an attacker to execute arbitrary code by manipulating Dynamic Code Loading due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not…

  • CVE-2024-43763MedJan 21, 2025
    risk 0.42cvss 6.5epss 0.00

    In build_read_multi_rsp of gatt_sr.cc, there is a possible denial of service due to a logic error in the code. This could lead to remote (proximal/adjacent) denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9429MedDec 2, 2024
    risk 0.42cvss 6.5epss 0.00

    In buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2018-9423MedDec 2, 2024
    risk 0.42cvss 6.5epss 0.00

    In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c there is a possible out of bound read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2018-9354MedNov 27, 2024
    risk 0.42cvss 6.5epss 0.00

    In VideoFrameScheduler.cpp of VideoFrameScheduler::PLL::fit, there is a possible remote denial of service due to divide by 0. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2018-9353MedNov 27, 2024
    risk 0.42cvss 6.5epss 0.00

    In ihevcd_parse_slice_data of ihevcd_parse_slice.c there is a possible heap buffer out of bound read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2018-9352MedNov 27, 2024
    risk 0.42cvss 6.5epss 0.00

    In ihevcd_allocate_dynamic_bufs of ihevcd_api.c there is a possible resource exhaustion due to integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2018-9351MedNov 27, 2024
    risk 0.42cvss 6.5epss 0.00

    In ih264e_fmt_conv_420p_to_420sp of ih264e_fmt_conv.c there is a possible out of bound read due to missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2018-9350MedNov 27, 2024
    risk 0.42cvss 6.5epss 0.00

    In ih264d_assign_pic_num of ih264d_utils.c there is a possible out of bound read due to missing bounds check. This could lead to a denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2018-9349MedNov 27, 2024
    risk 0.42cvss 6.5epss 0.00

    In mv_err_cost of mcomp.c there is a possible out of bounds read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2017-13320MedNov 27, 2024
    risk 0.42cvss 6.5epss 0.00

    In impeg2d_bit_stream_flush() of libmpeg2dec there is a possible OOB read due to a missing bounds check. This could lead to Remote DoS with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2018-9486MedNov 20, 2024
    risk 0.42cvss 6.5epss 0.00

    In hidh_l2cif_data_ind of hidh_conn.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9485MedNov 20, 2024
    risk 0.42cvss 6.5epss 0.00

    In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9483MedNov 20, 2024
    risk 0.42cvss 6.5epss 0.00

    In bta_dm_remove_sec_dev_entry of bta_dm_act.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

Page 144 of 236