VYPR

Android

by Google

CVEs (4,717)

  • CVE-2024-23713May 7, 2024
    risk 0.00cvss epss 0.00

    In migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is…

  • CVE-2024-23712May 7, 2024
    risk 0.00cvss epss 0.00

    In multiple functions of AppOpsService.java, there is a possible way to saturate the content of /data/system/appops_accesses.xml due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed…

  • CVE-2024-23710May 7, 2024
    risk 0.00cvss epss 0.00

    In assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.java, there is a possible execution of arbitrary app code as a privileged app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed.…

  • CVE-2024-23704May 7, 2024
    risk 0.00cvss epss 0.00

    In onCreate of WifiDialogActivity.java, there is a possible way to bypass the DISALLOW_ADD_WIFI_CONFIG restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed…

  • CVE-2024-0042May 7, 2024
    risk 0.00cvss epss 0.00

    In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto. This could lead to local bypass of DRM content protection with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-0027May 7, 2024
    risk 0.00cvss epss 0.00

    In multiple functions of SnoozeHelper.java, there is a possible way to cause a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-0026May 7, 2024
    risk 0.00cvss epss 0.00

    In multiple functions of SnoozeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-0022May 7, 2024
    risk 0.00cvss epss 0.00

    In multiple functions of CompanionDeviceManagerService.java, there is a possible launch NotificationAccessConfirmationActivity of another user profile due to improper input validation. This could lead to local information disclosure with no additional execution privileges…

  • CVE-2024-29783Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_get_tr_thresholds, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29782Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_get_tr_num_thresholds of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29757Apr 5, 2024
    risk 0.00cvss epss 0.00

    there is a possible permission bypass due to Debug certs being allowlisted. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29756Apr 5, 2024
    risk 0.00cvss epss 0.00

    In afe_callback of q6afe.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29755Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29754Apr 5, 2024
    risk 0.00cvss epss 0.00

    In TMU_IPC_GET_TABLE, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29753Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_set_control_temp_step of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29752Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_set_tr_num_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29751Apr 5, 2024
    risk 0.00cvss epss 0.00

    In asn1_ec_pkey_parse_p384 of asn1_common.c, there is a possible OOB Read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29750Apr 5, 2024
    risk 0.00cvss epss 0.00

    In km_exp_did_inner of kmv.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29749Apr 5, 2024
    risk 0.00cvss epss 0.00

    In tmu_set_tr_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29747Apr 5, 2024
    risk 0.00cvss epss 0.00

    In _dvfs_get_lv of dvfs.c, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Page 228 of 236