PDoS using high notification channel group count limit
In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.3AI Score
0.0004EPSS
Vulnerability: 3 vulnerabilities affecting GitOnBorg::android::platform::external::freetype
In ft_open_face_internal of ftobjs.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for...
7.5CVSS
8.1AI Score
0.003EPSS
ADP Grant - Detecting photos belonging to other users by posting a CallStyle notification
In visitUris of Notification.java, there is a possible way to leak image data across user boundaries due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.4AI Score
0.0004EPSS
NuMediaExtractor::readSampleData() SEGV failures
In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for...
8.8CVSS
7.6AI Score
0.002EPSS
CallRedirection Service does not unbind when null returned from Service, which may lead to BAL
In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
[Denial Of Service Android 13 September 2022]
In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for...
7.5CVSS
6.7AI Score
0.001EPSS
In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
4.7CVSS
6.8AI Score
0.0004EPSS
Large images in RemoteViews can crash SystemUI
In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.3AI Score
0.0004EPSS
Bypass patch of 209446496: Secondary user could disable secure nfc
In isToggleable of SecureNfcEnabler.java and SecureNfcPreferenceController.java, there is a possible way to enable NFC from a secondary account due to a permissions bypass. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User.....
7.8CVSS
6.8AI Score
0.0004EPSS
ADP Grant - Intent mismatch between Intent.toUri and Intent.parseUri
In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.4AI Score
0.0004EPSS
[Android 13 Beta] Fast Pair - Information disclosure of Bluetooth Model ID and MAC Address
In sendHalfSheetCancelBroadcast of HalfSheetActivity.java, there is a possible way to learn nearby BT MAC addresses due to an unrestricted broadcast intent. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
5.8AI Score
0.0004EPSS
a2dp_codec_fuzz: Tag-mismatch in A2DP_BuildCodecHeaderSbc
In A2DP_BuildCodecHeaderSbc of a2dp_sbc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
5AI Score
0.0004EPSS
Malicious app can bypass one-time permission revocation and keep it granted
In getGroupState of GrantPermissionsViewModel.kt, there is a possible way to keep a one-time permission granted due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.7AI Score
0.0004EPSS
Possible Vulnerability: Invalid check for Virtio descriptors
In is_valid of queue.rs, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
8.8CVSS
5.7AI Score
0.001EPSS
In onAttach of SettingsPreferenceFragment.java, there is a possible bypass of Factory Reset Protections due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.4AI Score
0.0004EPSS
an potential OOB write in gatt_process_prep_write_rsp Function in gatt_cl.cc
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
8.1AI Score
0.002EPSS
[Auto] [Bluetooth] Heap OOB write of 0x00 in SDP_AddAttribute
In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.6AI Score
0.002EPSS
In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
8.1AI Score
0.002EPSS
In createTrack of AudioFlinger.cpp, there is a possible way to record audio without a privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...
6.7CVSS
6.9AI Score
0.0004EPSS
[Out of Bounds Write in phNciNfc_MfCreateXchgDataHdr in phNxpExtns_MifareStd.cpp in libnfc_nci_jni]
In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.9AI Score
0.0004EPSS
Android T init_boot partition signed with public testkeys
In the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
[Out of Bounds Read in pin_reply Function in bluetooth.cc in Bluetooth]
In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege of BLE with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.7AI Score
0.0004EPSS
[oob write due to invaild length check in Mfc_Transceive() of libnfc_nci_jni.so]
In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.9AI Score
0.0004EPSS
Outgoing call redirection by phone account settings tapjacking
In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...
7.8CVSS
7.8AI Score
0.0004EPSS
In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.3CVSS
7.8AI Score
0.0004EPSS
Cross user image leak by logic error in multi-user profile customization
In onActivityResult of AvatarPickerActivity.java, there is a possible way to access images belonging to other users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Bypassing user interaction in phone account settings using duplicate registrations
In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...
7.8CVSS
7.8AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
5.3AI Score
0.0004EPSS
In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.3AI Score
0.0004EPSS
App can redirect a call to different user without requiring INTERACT_ACROSS_USERS permission.
In onCallRedirectionComplete of CallsManager.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.8CVSS
6.8AI Score
0.0005EPSS
In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
In audioTransportsToHal of HidlUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.2AI Score
0.0004EPSS
[Out of Bounds Write in audioProfileToHal Function in HidlUtils.cpp in [email protected]]
In audioTransportsToHal of HidlUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.2AI Score
0.0004EPSS
In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure from the media server with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.1AI Score
0.0004EPSS
Parcel reuse allows BAL bypass
In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
Vulnerability: external/expat (addBinding)
In storeAtts of xmlparse.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
9AI Score
0.003EPSS
7.1AI Score
Bypass fix of CVE-2021-39807 : Disable secure nfc in guest user via SettingsSlice
In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7AI Score
0.0004EPSS
In updateAudioTrackInfoFromESDS_MPEG4Audio of MPEG4Extractor.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for...
6.5CVSS
6.5AI Score
0.001EPSS
Task hijacking via relinquishTaskIdentity attribute - test
In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.8CVSS
7.5AI Score
0.0005EPSS
Proxy PAC URL can use several URL schemes, including file: and jar:
In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for...
5.5CVSS
6.3AI Score
0.0004EPSS
7.1AI Score
7.1AI Score
[Crafted HFP Client Packet Causes Out-of-bounds Write in Bluetooth]
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.8AI Score
0.001EPSS
EoP: Unsafe package check leading to LaunchAnyWhere in AppRestrictionsFragment
In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
7.1AI Score
Malicious code in watch-a-fast-x-2023online-watching-at-home (npm)
-= Per source details. Do not edit below this...
7.1AI Score