VYPR

Vendor CVEs

Google

All CVEs

11,368 total · sorted by risk
  • CVE-2026-52927modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: netfilter: ebtables: fix OOB read in compat_mtw_from_user

  • CVE-2026-52925modJun 24, 2026
    risk 0.29cvss 5.5epss 0.00

    kernel: vrf: Fix a potential NPD when removing a port from a VRF

  • CVE-2026-46261MedJun 3, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() platform_get_resource_byname() can return NULL, which would cause a crash when passed the pointer to resource_size(). Move the…

  • CVE-2026-46256MedJun 3, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfs_writepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are…

  • CVE-2025-71313MedJun 3, 2026
    risk 0.29cvss 5.5epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for alloc_workqueue() alloc_workqueue() can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when…

  • CVE-2026-7941MedMay 6, 2026
    risk 0.29cvss 4.4epss 0.00

    Insufficient validation of untrusted input in Mobile in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via a crafted Chrome Extension. (Chromium security severity: Medium)

  • CVE-2026-7932MedMay 6, 2026
    risk 0.29cvss 4.4epss 0.00

    Insufficient policy enforcement in Downloads in Google Chrome prior to 148.0.7778.96 allowed a local attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-13437MedNov 20, 2025
    risk 0.29cvss epss 0.00

    When zx is invoked with --prefer-local=, the CLI creates a symlink named ./node_modules pointing to /node_modules. Due to a logic error in src/cli.ts (linkNodeModules / cleanup), the function returns the target path instead of the alias (symlink path). The later…

  • CVE-2018-9384MedJan 17, 2025
    risk 0.29cvss 4.4epss 0.00

    In multiple locations, there is a possible way to bypass KASLR due to an unusual root cause. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9383MedJan 17, 2025
    risk 0.29cvss 4.4epss 0.00

    In asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2018-9408MedDec 5, 2024
    risk 0.29cvss 4.4epss 0.00

    In m3326_gps_write and m3326_gps_read of gps.s, there is a possible Out Of Bounds Read due to a missing bounds check. This could lead to a local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-47028MedOct 25, 2024
    risk 0.29cvss 4.4epss 0.00

    In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-44096MedSep 13, 2024
    risk 0.29cvss 4.4epss 0.00

    there is a possible arbitrary read due to an insecure default value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-29755MedApr 5, 2024
    risk 0.29cvss 4.4epss 0.00

    In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2024-27225MedMar 11, 2024
    risk 0.29cvss 4.4epss 0.00

    In sendHciCommand of bluetooth_hci.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21387MedOct 30, 2023
    risk 0.29cvss 4.4epss 0.00

    In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21379MedOct 30, 2023
    risk 0.29cvss 4.4epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21359MedOct 30, 2023
    risk 0.29cvss 4.4epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21357MedOct 30, 2023
    risk 0.29cvss 4.4epss 0.00

    In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21314MedOct 30, 2023
    risk 0.29cvss 4.4epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21297MedOct 30, 2023
    risk 0.29cvss 4.4epss 0.00

    In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35653MedOct 11, 2023
    risk 0.29cvss 4.4epss 0.00

    In TBD of TBD, there is a possible way to access location information due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21214MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In addGroupWithConfigInternal of p2p_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21213MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In initiateTdlsTeardownInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for…

  • CVE-2023-21212MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21210MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In initiateHs20IconQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21208MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21206MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21204MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21202MedJun 28, 2023
    risk 0.29cvss 4.5epss 0.00

    In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for…

  • CVE-2023-21199MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21196MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not…

  • CVE-2023-21195MedJun 28, 2023
    risk 0.29cvss 4.5epss 0.00

    In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the firmware were compromised with System execution privileges needed. User…

  • CVE-2023-21194MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In gatt_dbg_op_name of gatt_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21188MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21182MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for…

  • CVE-2023-21181MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21176MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21170MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21169MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In inviteInternal of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21158MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In encode of miscdata.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21156MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In BuildGetRadioNode of protocolmiscbulider.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the modem with System execution privileges needed. User interaction is not needed for…

  • CVE-2023-21154MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In StoreAdbSerialNumber of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21150MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In handle_set_parameters_ctrl of hal_socket.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21148MedJun 28, 2023
    risk 0.29cvss 4.4epss 0.00

    In BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-2976MedJun 14, 2023
    risk 0.29cvss 5.5epss 0.00

    Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able…

  • CVE-2023-21049MedMar 24, 2023
    risk 0.29cvss 4.4epss 0.00

    In append_camera_metadata of camera_metadata.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21048MedMar 24, 2023
    risk 0.29cvss 4.4epss 0.00

    In handleEvent of nan.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2023-21047MedMar 24, 2023
    risk 0.29cvss 4.4epss 0.00

    In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21046MedMar 24, 2023
    risk 0.29cvss 4.4epss 0.00

    In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

Page 160 of 228