Total
8912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-29756 | 1 Google | 1 Android | 2025-06-17 | N/A | 9.8 CRITICAL |
|
In afe_callback of q6afe.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29755 | 1 Google | 1 Android | 2025-06-17 | N/A | 4.4 MEDIUM |
|
In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29754 | 1 Google | 1 Android | 2025-06-17 | N/A | 6.2 MEDIUM |
|
In TMU_IPC_GET_TABLE, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29753 | 1 Google | 1 Android | 2025-06-17 | N/A | 7.7 HIGH |
|
In tmu_set_control_temp_step of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29752 | 1 Google | 1 Android | 2025-06-17 | N/A | 7.8 HIGH |
|
In tmu_set_tr_num_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29751 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.5 MEDIUM |
|
In asn1_ec_pkey_parse_p384 of asn1_common.c, there is a possible OOB Read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29750 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.5 MEDIUM |
|
In km_exp_did_inner of kmv.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29749 | 1 Google | 1 Android | 2025-06-17 | N/A | 8.4 HIGH |
|
In tmu_set_tr_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29747 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.9 MEDIUM |
|
In _dvfs_get_lv of dvfs.c, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29746 | 1 Google | 1 Android | 2025-06-17 | N/A | 8.4 HIGH |
|
In lpm_req_handler of lpm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29744 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.5 MEDIUM |
|
In tmu_get_gov_time_windows, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29743 | 1 Google | 1 Android | 2025-06-17 | N/A | 7.7 HIGH |
|
In tmu_set_temp_lut of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29742 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.5 MEDIUM |
|
In apply_minlock_constraint of dvfs.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29741 | 1 Google | 1 Android | 2025-06-17 | N/A | 7.8 HIGH |
|
In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29740 | 1 Google | 1 Android | 2025-06-17 | N/A | 7.4 HIGH |
|
In tmu_set_table of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29739 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.5 MEDIUM |
|
In tmu_get_temp_lut of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-29738 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.5 MEDIUM |
|
In gov_init, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-27232 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.5 MEDIUM |
|
In asn1_ec_pkey_parse of asn1_common.c, there is a possible OOB read due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-27231 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.9 MEDIUM |
|
In tmu_get_tr_stats of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-32877 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2025-06-17 | N/A | 6.7 MEDIUM |
|
In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308070.
|
|||||
| CVE-2024-20002 | 2 Google, Mediatek | 59 Android, Mt5583, Mt5586 and 56 more | 2025-06-17 | N/A | 6.7 MEDIUM |
|
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715.
|
|||||
| CVE-2023-32880 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2025-06-16 | N/A | 4.4 MEDIUM |
|
In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076.
|
|||||
| CVE-2023-32875 | 2 Google, Mediatek | 58 Android, Mt6580, Mt6731 and 55 more | 2025-06-16 | N/A | 4.4 MEDIUM |
|
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217.
|
|||||
| CVE-2022-26461 | 2 Google, Mediatek | 15 Android, Mt6833, Mt6853 and 12 more | 2025-06-12 | N/A | 6.7 MEDIUM |
|
In vow, there is a possible undefined behavior due to an API misuse. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032604; Issue ID: ALPS07032604.
|
|||||
| CVE-2021-25262 | 2 Google, Yandex | 2 Android, Yandex Browser | 2025-06-10 | N/A | 5.4 MEDIUM |
|
Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.
|
|||||
| CVE-2025-31712 | 2 Google, Unisoc | 18 Android, S8000, Sc7731e and 15 more | 2025-06-10 | N/A | 5.1 MEDIUM |
|
In cplog service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.
|
|||||
| CVE-2025-31711 | 2 Google, Unisoc | 18 Android, S8000, Sc7731e and 15 more | 2025-06-10 | N/A | 5.1 MEDIUM |
|
In cplog service, there is a possible system crash due to null pointer dereference. This could lead to local denial of service with no additional execution privileges needed.
|
|||||
| CVE-2025-31710 | 2 Google, Unisoc | 13 Android, S8000, Sc9863a and 10 more | 2025-06-10 | N/A | 5.9 MEDIUM |
|
In engineermode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.
|
|||||
| CVE-2022-20392 | 1 Google | 1 Android | 2025-06-05 | N/A | 7.8 HIGH |
|
In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrade with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-213323615
|
|||||
| CVE-2022-20389 | 1 Google | 1 Android | 2025-06-05 | N/A | 9.8 CRITICAL |
|
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257004
|
|||||
| CVE-2022-20388 | 1 Google | 1 Android | 2025-06-05 | N/A | 9.8 CRITICAL |
|
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227323
|
|||||
| CVE-2022-42541 | 1 Google | 1 Android | 2025-06-05 | N/A | 9.8 CRITICAL |
|
Remote code execution
|
|||||
| CVE-2023-32884 | 2 Google, Mediatek | 60 Android, Mt2713, Mt6580 and 57 more | 2025-06-03 | N/A | 6.7 MEDIUM |
|
In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011.
|
|||||
| CVE-2023-32883 | 2 Google, Mediatek | 57 Android, Mt2713, Mt6580 and 54 more | 2025-06-03 | N/A | 6.7 MEDIUM |
|
In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249.
|
|||||
| CVE-2023-32876 | 2 Google, Mediatek | 58 Android, Mt6580, Mt6731 and 55 more | 2025-06-03 | N/A | 4.4 MEDIUM |
|
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612.
|
|||||
| CVE-2023-32872 | 2 Google, Mediatek | 58 Android, Mt6580, Mt6731 and 55 more | 2025-06-03 | N/A | 6.7 MEDIUM |
|
In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607.
|
|||||
| CVE-2023-48345 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-02 | N/A | 5.5 MEDIUM |
|
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2024-20083 | 2 Google, Mediatek | 25 Android, Mt6765, Mt6768 and 22 more | 2025-05-30 | N/A | 9.8 CRITICAL |
|
In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08810810 / ALPS08805789; Issue ID: MSV-1502.
|
|||||
| CVE-2023-42706 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-29 | N/A | 5.5 MEDIUM |
|
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-42698 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-29 | N/A | 5.5 MEDIUM |
|
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||