VYPR

Vendor CVEs

Google

All CVEs

11,416 total · sorted by risk
  • CVE-2025-26443HigSep 4, 2025
    risk 0.47cvss 7.3epss 0.00

    In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without allowing installation from unknown sources due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2025-36907HigSep 4, 2025
    risk 0.47cvss 7.3epss 0.00

    In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User…

  • CVE-2025-22439HigSep 2, 2025
    risk 0.47cvss 7.3epss 0.00

    In onLastAccessedStackLoaded of ActionHandler.java , there is a possible way to bypass storage restrictions across apps due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed…

  • CVE-2025-22427HigSep 2, 2025
    risk 0.47cvss 7.3epss 0.00

    In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2025-22419HigSep 2, 2025
    risk 0.47cvss 7.3epss 0.00

    In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…

  • CVE-2025-22417HigSep 2, 2025
    risk 0.47cvss 7.3epss 0.00

    In finishTransition of Transition.java, there is a possible way to bypass touch filtering restrictions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2024-40653HigSep 2, 2025
    risk 0.47cvss 7.3epss 0.00

    In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is…

  • CVE-2018-9370HigNov 19, 2024
    risk 0.47cvss 7.3epss 0.00

    In download.c there is a special mode allowing user to download data into memory and causing possible memory corruptions due to missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for…

  • CVE-2018-9369HigNov 19, 2024
    risk 0.47cvss 7.3epss 0.00

    In bootloader there is fastboot command allowing user specified kernel command line arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2024-31331HigJul 9, 2024
    risk 0.47cvss 7.3epss 0.00

    In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

  • CVE-2024-31324HigJul 9, 2024
    risk 0.47cvss 7.3epss 0.00

    In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by launching the activity in portrait mode first and then rotating it to landscape mode. This could lead to local escalation of privilege with User execution privileges needed. User…

  • CVE-2024-29757HigApr 5, 2024
    risk 0.47cvss 7.3epss 0.00

    there is a possible permission bypass due to Debug certs being allowlisted. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-45780HigOct 30, 2023
    risk 0.47cvss 7.3epss 0.00

    In Print Service, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

  • CVE-2023-35649HigOct 11, 2023
    risk 0.47cvss 7.2epss 0.00

    In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35691HigJul 13, 2023
    risk 0.47cvss 7.2epss 0.00

    there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21251HigJul 13, 2023
    risk 0.47cvss 7.3epss 0.00

    In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

  • CVE-2023-21189HigJun 28, 2023
    risk 0.47cvss 7.3epss 0.00

    In startLockTaskMode of LockTaskController.java, there is a possible bypass of lock task mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2023-21054HigMar 24, 2023
    risk 0.47cvss 7.2epss 0.01

    In EUTRAN_LCS_ConvertLCS_MOLRReq of LPP_CommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-20976HigMar 24, 2023
    risk 0.47cvss 7.3epss 0.00

    In getConfirmationMessage of DefaultAutofillPicker.java, there is a possible way to mislead the user to select default autofill application due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2023-20921HigJan 26, 2023
    risk 0.47cvss 7.3epss 0.00

    In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is…

  • CVE-2022-20603HigDec 16, 2022
    risk 0.47cvss 7.2epss 0.01

    In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20501HigDec 13, 2022
    risk 0.47cvss 7.3epss 0.00

    In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction…

  • CVE-2022-20442HigDec 13, 2022
    risk 0.47cvss 7.3epss 0.00

    In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is…

  • CVE-2022-20193HigJun 15, 2022
    risk 0.47cvss 7.3epss 0.00

    In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is…

  • CVE-2022-20137HigJun 15, 2022
    risk 0.47cvss 7.3epss 0.00

    In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…

  • CVE-2022-20126HigJun 15, 2022
    risk 0.47cvss 7.3epss 0.00

    In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…

  • CVE-2021-39691HigJun 15, 2022
    risk 0.47cvss 7.3epss 0.00

    In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2021-39796HigApr 12, 2022
    risk 0.47cvss 7.3epss 0.00

    In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed…

  • CVE-2021-39625HigJan 14, 2022
    risk 0.47cvss 7.3epss 0.00

    In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction…

  • CVE-2021-1021HigDec 15, 2021
    risk 0.47cvss 7.3epss 0.00

    In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed…

  • CVE-2021-1020HigDec 15, 2021
    risk 0.47cvss 7.3epss 0.00

    In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed…

  • CVE-2021-1019HigDec 15, 2021
    risk 0.47cvss 7.3epss 0.00

    In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…

  • CVE-2021-1016HigDec 15, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed…

  • CVE-2021-0954HigDec 15, 2021
    risk 0.47cvss 7.3epss 0.00

    In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10…

  • CVE-2021-0769HigDec 15, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2021-0434HigDec 15, 2021
    risk 0.47cvss 7.3epss 0.00

    In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with…

  • CVE-2021-0583HigOct 11, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of BluetoothPairingDialog, there is a possible way to enable Bluetooth without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…

  • CVE-2021-0598HigOct 6, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2021-0591HigAug 17, 2021
    risk 0.47cvss 7.3epss 0.00

    In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…

  • CVE-2021-0553HigJun 22, 2021
    risk 0.47cvss 7.3epss 0.00

    In onBindViewHolder of AppSwitchPreference.java, there is a possible bypass of device admin setttings due to unclear UI. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0538HigJun 22, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…

  • CVE-2021-0537HigJun 22, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0 configuration due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for…

  • CVE-2021-0506HigJun 21, 2021
    risk 0.47cvss 7.3epss 0.00

    In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2021-0446HigApr 13, 2021
    risk 0.47cvss 7.3epss 0.00

    In ImportVCardActivity, there is a possible way to bypass user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0333HigFeb 10, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution…

  • CVE-2021-0331HigFeb 10, 2021
    risk 0.47cvss 7.3epss 0.00

    In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for…

  • CVE-2021-0319HigJan 11, 2021
    risk 0.47cvss 7.3epss 0.00

    In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. This could lead to local escalation of privilege that grants access to nearby MAC…

  • CVE-2020-0271HigSep 18, 2020
    risk 0.47cvss 7.3epss 0.00

    In the Settings app, there is an insecure default value. This could lead to local escalation of privilege and tapjacking with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144507081

  • CVE-2020-0133HigJun 11, 2020
    risk 0.47cvss 7.3epss 0.00

    In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2019-2216HigMar 15, 2020
    risk 0.47cvss 7.3epss 0.00

    In overlay notifications, there is a possible hidden notification due to improper input validation. This could lead to a local escalation of privilege because the user is not notified of an overlaying app, with User execution privileges needed. User interaction is needed for…

Page 106 of 229