Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
8760 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-9387 | 1 Google | 1 Android | 2025-07-10 | 7.8 High |
| In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9401 | 1 Google | 1 Android | 2025-07-10 | 7.8 High |
| In many locations, there is a possible way to access kernel memory in user space due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9405 | 1 Google | 1 Android | 2025-07-10 | 6.7 Medium |
| In BnDmAgent::onTransact of dm_agent.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9461 | 1 Google | 1 Android | 2025-07-10 | 7 High |
| In onAttachFragment of ShareIntentActivity.java, there is a possible way for an app to read files in the messages app due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9464 | 1 Google | 1 Android | 2025-07-10 | 7.8 High |
| In multiple locations, there is a possible way to read protected files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2017-13317 | 1 Google | 1 Android | 2025-07-10 | 5.7 Medium |
| In HeifDecoderImpl::getScanline of HeifDecoderImpl.cpp, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2017-13318 | 1 Google | 1 Android | 2025-07-10 | 5.7 Medium |
| In HeifDataSource::readAt of HeifDecoderImpl.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2018-9373 | 1 Google | 1 Android | 2025-07-10 | 8.8 High |
| In TdlsexRxFrameHandle of the MTK WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9378 | 1 Google | 1 Android | 2025-07-10 | 6.2 Medium |
| In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-38208 | 2 Google, Microsoft | 2 Android, Edge | 2025-07-10 | 6.1 Medium |
| Microsoft Edge for Android Spoofing Vulnerability | ||||
| CVE-2025-20693 | 4 Google, Linuxfoundation, Mediatek and 1 more | 26 Android, Yocto, Mt2737 and 23 more | 2025-07-09 | 6.5 Medium |
| In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-3421. | ||||
| CVE-2022-23278 | 4 Apple, Google, Linux and 1 more | 11 Macos, Android, Linux Kernel and 8 more | 2025-07-08 | 5.9 Medium |
| Microsoft Defender for Endpoint Spoofing Vulnerability | ||||
| CVE-2018-9372 | 1 Google | 1 Android | 2025-07-03 | 7.8 High |
| In cmd_flash_mmc_sparse_img of dl_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to a local escalation of privilege in the bootloader with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9409 | 1 Google | 1 Android | 2025-07-03 | 7.8 High |
| In HWCSession::SetColorModeById of hwc_session.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9375 | 1 Google | 1 Android | 2025-07-03 | 7.8 High |
| In multiple functions of UserDictionaryProvider.java, there is a possible way to add and delete words in the user dictionary due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-43077 | 1 Google | 1 Android | 2025-07-03 | 7.8 High |
| In DevmemValidateFlags of devicemem_server.c , there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-43762 | 1 Google | 1 Android | 2025-07-03 | 7.8 High |
| In multiple locations, there is a possible way to avoid unbinding of a service from the system due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-43764 | 1 Google | 1 Android | 2025-07-03 | 7.8 High |
| In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass lock screen. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-34732 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-34733 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||