VYPR

Vendor CVEs

Google

All CVEs

11,416 total · sorted by risk
  • CVE-2018-9376MedDec 2, 2024
    risk 0.44cvss 6.7epss 0.00

    In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not…

  • CVE-2017-13311MedNov 15, 2024
    risk 0.44cvss 6.7epss 0.00

    In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an activity with system privileges with no additional execution privileges…

  • CVE-2024-29783MedApr 5, 2024
    risk 0.44cvss 6.7epss 0.00

    In tmu_get_tr_thresholds, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-25987MedMar 11, 2024
    risk 0.44cvss 6.7epss 0.00

    In pt_sysctl_command of pt.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-0044MedMar 11, 2024
    risk 0.44cvss 6.7epss 0.01

    In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-3742MedDec 20, 2023
    risk 0.44cvss 6.8epss 0.00

    Insufficient policy enforcement in ADB in Google Chrome on ChromeOS prior to 114.0.5735.90 allowed a local attacker to bypass device policy restrictions via physical access to the device. (Chromium security severity: High)

  • CVE-2023-48414MedDec 8, 2023
    risk 0.44cvss 6.7epss 0.00

    In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-48406MedDec 8, 2023
    risk 0.44cvss 6.7epss 0.00

    there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-48405MedDec 8, 2023
    risk 0.44cvss 6.7epss 0.00

    there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21380MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21371MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In Secure Element, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21370MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21360MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In Bluetooth, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21310MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35660MedOct 11, 2023
    risk 0.44cvss 6.7epss 0.00

    In lwis_transaction_client_cleanup of lwis_transaction.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35655MedOct 11, 2023
    risk 0.44cvss 6.7epss 0.00

    In CanConvertPadV2Op of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35654MedOct 11, 2023
    risk 0.44cvss 6.7epss 0.00

    In ctrl_roi of stmvl53l1_module.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21244MedOct 6, 2023
    risk 0.44cvss 6.7epss 0.00

    In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21264MedAug 14, 2023
    risk 0.44cvss 6.7epss 0.00

    In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2023-21140MedAug 14, 2023
    risk 0.44cvss 6.8epss 0.00

    In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution…

  • CVE-2023-21134MedAug 14, 2023
    risk 0.44cvss 6.8epss 0.00

    In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution…

  • CVE-2023-21133MedAug 14, 2023
    risk 0.44cvss 6.8epss 0.00

    In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution…

  • CVE-2023-21132MedAug 14, 2023
    risk 0.44cvss 6.8epss 0.00

    In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution…

  • CVE-2023-35693MedJul 13, 2023
    risk 0.44cvss 6.7epss 0.00

    In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21400MedJul 13, 2023
    risk 0.44cvss 6.7epss 0.00

    In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21236MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In aoc_service_set_read_blocked of aoc.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21222MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In load_dt_data of storage.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21209MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21207MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In initiateTdlsSetupInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21203MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In startWpsPbcInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21171MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2023-21161MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21159MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21157MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In encode of wlandata.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21153MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In Do_AIMS_SET_CALL_WAITING of imsservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21151MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In the Google BMS kernel module, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21146MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239867994References:…

  • CVE-2023-21116MedMay 15, 2023
    risk 0.44cvss 6.7epss 0.00

    In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is…

  • CVE-2023-21084MedApr 19, 2023
    risk 0.44cvss 6.7epss 0.00

    In buildPropFile of filesystem.go, there is a possible insecure hash due to an improperly used crypto. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21079MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21078MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21077MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21076MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21075MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In get_svc_hash of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21073MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21072MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21071MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In dhd_prot_ioctcmplt_process of dhd_msgbuf.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21070MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In add_roam_cache_list of wl_roam.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21069MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In wl_update_hidden_ap_ie of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21065MedMar 24, 2023
    risk 0.44cvss 6.7epss 0.00

    In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…

Page 114 of 229