Legacy apps bypass restrict to insert/update files to other app's external private dirs
In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
[Security flaw in WI-FI reset settings]
In factoryReset of WifiServiceImpl.java, there is a possible way to preserve WiFi settings due to a logic error in the code. This could lead to local non-security issues across resets with no additional execution privileges needed. User interaction is not needed for...
6.4AI Score
EPSS
[Out of Bounds Read in register_notification_rsp in btif_rc.cc in libbtif]
In register_notification_rsp of btif_rc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
5.1AI Score
0.0004EPSS
[Out of Bounds Write in nci_snd_set_routing_cmd in nci_hmsgs.cc in libnfc-nci]
In nci_snd_set_routing_cmd of nci_hmsgs.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for...
8.8CVSS
7.8AI Score
0.0005EPSS
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for...
6.6CVSS
6.9AI Score
0.0005EPSS
[Out of Bounds Read and Write in configureProducer in C2BqBuffer.cpp in libcodec2_vndk]
In Import of C2SurfaceSyncObj.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for...
4.4CVSS
6.5AI Score
0.0004EPSS
In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
9.2AI Score
0.003EPSS
Potential Intent Redirection issue in SettingsActivity of Settings app
In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
8.8CVSS
6.9AI Score
0.001EPSS
In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to bypass factory reset protection due to incorrect UI being shown prior to setup completion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.8CVSS
6.9AI Score
0.0005EPSS
Microphone privacy indicator can be bypassed by any app
In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Delete arbitrary files with system permissions via DevicePolicyManager#clearApplicationUserData
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Permanent denial of service via NotificationManager#addAutomaticZenRule
In addAutomaticZenRule of ZenModeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
5.9AI Score
0.0004EPSS
Linux kernel vulnerability advisory
In multiple functions of many files, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.9AI Score
0.0004EPSS
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Binder VMA management security issues
In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
: wifi: cfg80211: avoid nontransmitted BSS list corruption
In cfg80211_add_nontrans_list of scan.c, there is a possible way to corrupt a list due to a logic error in the code. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
7.2AI Score
0.0004EPSS
: fix u8 overflow in cfg80211_update_notlisted_nontrans
In cfg80211_update_notlisted_nontrans of scan.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...
8.1CVSS
8.4AI Score
0.002EPSS
Speculative Target Reuse Attacks
In specific ARM processors, there is a possible side-channel information leak due to a hardware flaw. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.6CVSS
7AI Score
0.001EPSS
In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...
7.3CVSS
7.1AI Score
0.0004EPSS
[INTERNAL SHADOW][Zebra] FLAG_SECURE is not included in KeyGaurd and Set Pin/Password screen
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...
5.5CVSS
5.1AI Score
0.0004EPSS
In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for...
4.4CVSS
6.6AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
[Race Condition in setSecurityLevel Function in DrmPlugin.cpp in [email protected]]
In getSecurityLevel and setSecurityLevel of DrmPlugin.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
6.8AI Score
0.0004EPSS
Delivery of new intents to protected activities via Activity#navigateUpTo() API
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not...
7.8CVSS
6.7AI Score
0.0004EPSS
[Out of Bounds Write in phNxpNciHal_write_unlocked Function in phNxpNciHal.cc in nfc_nci_nxp]
In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
6.8AI Score
0.0004EPSS
Path traversal in MmsProvider#update leading to permanent DoS
In update of MmsProvider.java, there is a possible constriction of directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is needed for...
5.5CVSS
6.3AI Score
0.0005EPSS
[Android 13 Beta] [Heap Use After Free in PAN_WriteBuf Function in pan_api.cc in libbt-stack]
In PAN_WriteBuf of pan_api.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for...
6.5CVSS
6.2AI Score
0.001EPSS
[local root on the latest Pixel6]
In io_match_task of io_uring.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
8AI Score
0.0004EPSS
Bypass fix of CVE-2022-20143: Bypass zen rule limit with different configuration Activity
In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of performance due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for...
5.5CVSS
6.5AI Score
0.0004EPSS
Vulnerability: external/expat (bufferSize)
In XML_GetBuffer of xmlparse.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
9AI Score
0.014EPSS
In SettingsActivity.java, there is a possible way to make a device discoverable over Bluetooth, without permission or user interaction, due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
7.1AI Score
0.0004EPSS
Path Traversal in MediaProvider#delete
In checkAccess of MediaProvider.java, there is a possible file deletion due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.1AI Score
0.0004EPSS
In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
5.5CVSS
6.1AI Score
0.0004EPSS
Built-In VPN "Magically" Disabled Itself When Entering WiFi
In onDefaultNetworkChanged of Vpn.java, there is a possible way to disable VPN due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7AI Score
0.0004EPSS
[surfaceflinger EventThreadConnection::stealReceiveChannel fdsan crash]
In stealReceiveChannel of EventThread.cpp, there is a possible way to interfere with process communication due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7CVSS
7.1AI Score
0.0004EPSS
Exploiting BLURtooth [CVE-2020-15802] on a Pixel 6
In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
9.8CVSS
7.2AI Score
0.001EPSS
7.1AI Score
Leak contact image data across user boundaries through Notification
In multiple locations, there is a possible way to reveal images across users data due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7AI Score
EPSS
[There are two problems with killBackgroundProcesses in ActivityManager]
In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.8CVSS
7.8AI Score
0.0004EPSS
Silently retain Accessibility Service after package update
In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed....
7AI Score
EPSS
In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.4AI Score
0.0004EPSS
In multiple locations, there is a possible notification listener grant to an app running in the work profile due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
7.3AI Score
0.0004EPSS
[Out of Bounds Read in WT_VoiceGain in eas_wtengine.c]
In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for...
7.2AI Score
0.0004EPSS
Bypass DISALLOW_ADD_WIFI_CONFIG to connect to an untrusted Wi-Fi network by WifiDialogActivity
In onCreate of WifiDialogActivity.java, there is a possible way to bypass the DISALLOW_ADD_WIFI_CONFIG restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.3AI Score
0.0004EPSS
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for...
6.8AI Score
0.0004EPSS
[Out of Bounds Read and Write in onQueueFilled in outQueue in libstagefright_soft_mpeg4dec]
In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
7.4AI Score
0.0004EPSS