Vendor CVEs
All CVEs
11,369 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0497 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 7.0, 7.1.1. Android ID:… | ||
| CVE-2017-0461 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2017-0459 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2017-0452 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8478 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-8477 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-8416 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-8413 | Med | 0.31 | 4.7 | 0.01 | Mar 8, 2017 | An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2017-0451 | Med | 0.31 | 4.7 | 0.01 | Feb 8, 2017 | An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-8414 | Med | 0.31 | 4.7 | 0.01 | Feb 8, 2017 | An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged… | ||
| CVE-2016-8475 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in the HTC input driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8474 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-8473 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-8472 | Med | 0.31 | 4.7 | 0.00 | Jan 12, 2017 | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8471 | Med | 0.31 | 4.7 | 0.00 | Jan 12, 2017 | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8470 | Med | 0.31 | 4.7 | 0.00 | Jan 12, 2017 | An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8469 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8410 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.… | ||
| CVE-2016-8409 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8408 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:… | ||
| CVE-2016-8407 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first… | ||
| CVE-2016-8406 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first… | ||
| CVE-2016-8405 | Med | 0.31 | 4.7 | 0.02 | Jan 12, 2017 | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first… | ||
| CVE-2016-8404 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first… | ||
| CVE-2016-8403 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first… | ||
| CVE-2016-8402 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first… | ||
| CVE-2016-8401 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first… | ||
| CVE-2016-8395 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | A denial of service vulnerability in the NVIDIA camera driver could enable an attacker to cause a local permanent denial of service, which may require reflashing the operating system to repair the device. This issue is rated as High due to the possibility of local permanent… | ||
| CVE-2016-6774 | Med | 0.31 | 4.7 | 0.00 | Jan 12, 2017 | An information disclosure vulnerability in Package Manager could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate because it first requires compromising a privileged… | ||
| CVE-2016-6757 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a… | ||
| CVE-2016-6756 | Med | 0.31 | 4.7 | 0.01 | Jan 12, 2017 | An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a… | ||
| CVE-2016-6723 | Med | 0.31 | 4.7 | 0.01 | Nov 25, 2016 | A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This… | ||
| CVE-2016-1943 | Med | 0.31 | 4.7 | 0.01 | Jan 31, 2016 | Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method. | ||
| CVE-2025-20894 | Med | 0.30 | 4.6 | 0.00 | Feb 4, 2025 | Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles. | ||
| CVE-2023-3481 | Med | 0.30 | 5.7 | 0.00 | Aug 21, 2023 | Critters versions 0.0.17-0.0.19 have an issue when parsing the HTML, which leads to a potential cross-site scripting (XSS) bug. We recommend upgrading to version 0.0.20 of the extension. | ||
| CVE-2023-3497 | Med | 0.30 | 4.6 | 0.00 | Jul 3, 2023 | Out of bounds read in Google Security Processor firmware in Google Chrome on Chrome OS prior to 114.0.5735.90 allowed a local attacker to perform denial of service via physical access to the device. (Chromium security severity: Medium) | ||
| CVE-2022-20497 | Med | 0.30 | 4.6 | 0.00 | Dec 13, 2022 | In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access required and an app that runs… | ||
| CVE-2022-20465 | Med | 0.30 | 4.6 | 0.01 | Nov 8, 2022 | In dismiss and related functions of KeyguardHostViewController.java and related files, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not… | ||
| CVE-2022-3312 | Med | 0.30 | 4.6 | 0.00 | Nov 1, 2022 | Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. (Chromium security severity: Medium) | ||
| CVE-2022-20423 | Med | 0.30 | 4.6 | 0.00 | Oct 11, 2022 | In rndis_set_response of rndis.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2022-20265 | Med | 0.30 | 4.6 | 0.00 | Aug 12, 2022 | In Settings, there is a possible way to bypass factory reset permissions due to a permissions bypass. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2022-20132 | Med | 0.30 | 4.6 | 0.00 | Jun 15, 2022 | In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges… | ||
| CVE-2022-20008 | Med | 0.30 | 4.6 | 0.00 | May 10, 2022 | In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is… | ||
| CVE-2020-0473 | Med | 0.30 | 4.6 | 0.00 | Dec 15, 2020 | In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical possession of the device to transfer files to it over Bluetooth, with no… | ||
| CVE-2014-7954 | Med | 0.30 | 4.6 | 0.00 | Jul 7, 2017 | Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. (dot dot) in a… | ||
| CVE-2017-5040 | Med | 0.30 | 4.3 | 0.22 | Apr 24, 2017 | V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page. | ||
| CVE-2016-6769 | Med | 0.30 | 4.6 | 0.00 | Jan 12, 2017 | An elevation of privilege vulnerability in Smart Lock could enable a local malicious user to access Smart Lock settings without a PIN. This issue is rated as Moderate because it first requires physical access to an unlocked device where Smart Lock was the last settings pane… | ||
| CVE-2026-53221 | mod | 0.29 | 5.5 | 0.01 | Jun 25, 2026 | kernel: ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup() | ||
| CVE-2026-53219 | mod | 0.29 | 5.5 | 0.00 | Jun 25, 2026 | kernel: netfilter: x_tables: avoid leaking percpu counter pointers | ||
| CVE-2026-52925 | mod | 0.29 | 5.5 | 0.00 | Jun 24, 2026 | kernel: vrf: Fix a potential NPD when removing a port from a VRF |
- risk 0.31cvss 4.7epss 0.01
A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 7.0, 7.1.1. Android ID:…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the HTC input driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.00
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.00
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.00
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first…
- risk 0.31cvss 4.7epss 0.02
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first…
- risk 0.31cvss 4.7epss 0.01
A denial of service vulnerability in the NVIDIA camera driver could enable an attacker to cause a local permanent denial of service, which may require reflashing the operating system to repair the device. This issue is rated as High due to the possibility of local permanent…
- risk 0.31cvss 4.7epss 0.00
An information disclosure vulnerability in Package Manager could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate because it first requires compromising a privileged…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a…
- risk 0.31cvss 4.7epss 0.01
An information disclosure vulnerability in Qualcomm components including the camera driver and video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a…
- risk 0.31cvss 4.7epss 0.01
A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-11-01, and 7.0 before 2016-11-01 could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This…
- risk 0.31cvss 4.7epss 0.01
Mozilla Firefox before 44.0 on Android allows remote attackers to spoof the address bar via the scrollTo method.
- risk 0.30cvss 4.6epss 0.00
Improper access control in Samsung Email prior to version 6.1.97.1 allows physical attackers to access data across multiple user profiles.
- risk 0.30cvss 5.7epss 0.00
Critters versions 0.0.17-0.0.19 have an issue when parsing the HTML, which leads to a potential cross-site scripting (XSS) bug. We recommend upgrading to version 0.0.20 of the extension.
- risk 0.30cvss 4.6epss 0.00
Out of bounds read in Google Security Processor firmware in Google Chrome on Chrome OS prior to 114.0.5735.90 allowed a local attacker to perform denial of service via physical access to the device. (Chromium security severity: Medium)
- risk 0.30cvss 4.6epss 0.00
In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access required and an app that runs…
- risk 0.30cvss 4.6epss 0.01
In dismiss and related functions of KeyguardHostViewController.java and related files, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…
- risk 0.30cvss 4.6epss 0.00
Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. (Chromium security severity: Medium)
- risk 0.30cvss 4.6epss 0.00
In rndis_set_response of rndis.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for…
- risk 0.30cvss 4.6epss 0.00
In Settings, there is a possible way to bypass factory reset permissions due to a permissions bypass. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for…
- risk 0.30cvss 4.6epss 0.00
In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges…
- risk 0.30cvss 4.6epss 0.00
In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is…
- risk 0.30cvss 4.6epss 0.00
In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical possession of the device to transfer files to it over Bluetooth, with no…
- risk 0.30cvss 4.6epss 0.00
Directory traversal vulnerability in the doSendObjectInfo method in frameworks/av/media/mtp/MtpServer.cpp in Android 4.4.4 allows physically proximate attackers with a direct connection to the target Android device to upload files outside of the sdcard via a .. (dot dot) in a…
- risk 0.30cvss 4.3epss 0.22
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page.
- risk 0.30cvss 4.6epss 0.00
An elevation of privilege vulnerability in Smart Lock could enable a local malicious user to access Smart Lock settings without a PIN. This issue is rated as Moderate because it first requires physical access to an unlocked device where Smart Lock was the last settings pane…
- risk 0.29cvss 5.5epss 0.01
kernel: ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup()
- risk 0.29cvss 5.5epss 0.00
kernel: netfilter: x_tables: avoid leaking percpu counter pointers
- risk 0.29cvss 5.5epss 0.00
kernel: vrf: Fix a potential NPD when removing a port from a VRF
Page 159 of 228