Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-22548

Summary
Assigner-Google
Assigner Org ID-14ed7db2-1595-443d-9d34-6215bf890778
Published At-08 Jun, 2021 | 13:15
Updated At-17 Sep, 2024 | 01:11
Rejected At-
Credits

Arbitrary enclave memory overread vulnerability in Asylo TrustedPrimitives::UntrustedCall

An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Google
Assigner Org ID:14ed7db2-1595-443d-9d34-6215bf890778
Published At:08 Jun, 2021 | 13:15
Updated At:17 Sep, 2024 | 01:11
Rejected At:
▼CVE Numbering Authority (CNA)
Arbitrary enclave memory overread vulnerability in Asylo TrustedPrimitives::UntrustedCall

An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c

Affected Products
Vendor
Google LLCGoogle LLC
Product
Asylo
Versions
Affected
  • From unspecified through 0.6.2 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-788CWE-788 Access of Memory Location After End of Buffer
Type: CWE
CWE ID: CWE-788
Description: CWE-788 Access of Memory Location After End of Buffer
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Qinkun Bao (Baidu Security)
Zhaofeng Chen (Baidu Security)
Mingshen Sun (Baidu Security)
Kang Li (Baidu Security)
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c
x_refsource_MISC
Hyperlink: https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve-coordination@google.com
Published At:08 Jun, 2021 | 14:15
Updated At:17 Jun, 2021 | 16:09

An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.5MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Google LLC
google
>>asylo>>Versions before 0.6.2(exclusive)
cpe:2.3:a:google:asylo:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE-788Secondarycve-coordination@google.com
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-788
Type: Secondary
Source: cve-coordination@google.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5ccve-coordination@google.com
Patch
Third Party Advisory
Hyperlink: https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c
Source: cve-coordination@google.com
Resource:
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1710Records found
CVE-2023-38570
Matching Score-10
Assigner-Intel Corporation
ShareView Details
Matching Score-10
Assigner-Intel Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 21.20%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 19:04
Updated-30 Aug, 2024 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Access of memory location after end of buffer for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationApple Inc.Google LLCMicrosoft Corporation
Product-androidwindowsunison_softwareiphone_osIntel Unison software
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CVE-2025-26455
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.64%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 17:15
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions of NdkMediaCodec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2025-26439
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.40%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 19:28
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In getComponentName of AccessibilitySettingsUtils.java, there is a possible way to for a malicious Talkback service to be enabled instead of the system component due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2025-26440
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.83%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 17:11
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions of CameraService.cpp, there is a possible way to use the camera from the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-862
Missing Authorization
CVE-2025-26436
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.96%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 17:11
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an application to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-863
Incorrect Authorization
CVE-2025-26450
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.51%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 17:14
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the default IME due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-862
Missing Authorization
CVE-2025-26430
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.18%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 17:11
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-285
Improper Authorization
CVE-2025-26464
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.40%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 18:33
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In executeAppFunction of AppSearchManagerService.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2025-26458
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.40%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 17:15
Updated-08 Sep, 2025 | 14:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions of LocationProviderManager.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2025-26452
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.51%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 17:15
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In loadDrawableForCookie of ResourcesImpl.java, there is a possible way to access task snapshots of other apps due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-441
Unintended Proxy or Intermediary ('Confused Deputy')
CVE-2025-26462
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.18%
||
7 Day CHG~0.00%
Published-04 Sep, 2025 | 17:15
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In AccessibilityServiceConnection.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-269
Improper Privilege Management
CVE-2016-5340
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.96%
||
7 Day CHG~0.00%
Published-07 Aug, 2016 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.

Action-Not Available
Vendor-n/aGoogle LLCLinux Kernel Organization, Inc
Product-androidlinux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5700
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.38%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 21:05
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.

Action-Not Available
Vendor-n/aGoogle LLCNVIDIA Corporation
Product-shield_experienceandroidNVIDIA SHIELD TV
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5780
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-19 Feb, 2019 | 17:00
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.

Action-Not Available
Vendor-Google LLCRed Hat, Inc.Apple Inc.Fedora ProjectDebian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationfedoramacosenterprise_linux_desktopChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5699
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.19%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 21:05
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader contains a vulnerability where the software performs an incorrect bounds check, which may lead to buffer overflow resulting in escalation of privileges and code execution. escalation of privileges, and information disclosure, code execution, denial of service, or escalation of privileges.

Action-Not Available
Vendor-n/aGoogle LLCNVIDIA Corporation
Product-shield_experienceandroidNVIDIA SHIELD TV
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-29216
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.8||HIGH
EPSS-0.17% / 37.69%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 23:35
Updated-22 Apr, 2025 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code injection in `saved_model_cli` in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had several test cases where numpy expressions were used as arguments. However, given that the tool is always run manually, the impact of this is still not severe. The maintainers have now removed the `safe=False` argument, so all parsing is done without calling `eval`. The patch is available in versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2022-48388
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.26%
||
7 Day CHG-0.03%
Published-09 May, 2023 | 01:21
Updated-28 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In powerEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-androidt610t616t770t618sc9863at820s8000t606sc7731esc9832et612t310t760SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-862
Missing Authorization
CVE-2025-22437
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.68%
||
7 Day CHG+0.02%
Published-02 Sep, 2025 | 22:11
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2025-22422
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 17.00%
||
7 Day CHG+0.04%
Published-02 Sep, 2025 | 22:11
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key
CVE-2025-20705
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.61%
||
7 Day CHG~0.00%
Published-01 Sep, 2025 | 05:12
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09989078; Issue ID: MSV-3964.

Action-Not Available
Vendor-OpenWrtThe Linux FoundationMediaTek Inc.Google LLC
Product-mt6990mt6883mt6879mt8696mt6765mt6781mt8169mt6985mt8676mt6886mt6983mt8678mt6880mt8186mt8796mt6877mt6895mt6893mt6980dmt2735androidyoctomt6768mt6885mt6889openwrtmt6761mt6897mt8792mt6991mt8188mt6855mt2718mt6890mt6835mt8775mt6878mt6789mt6853mt6739mt6989mt6899MT2718, MT2735, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6893, MT6895, MT6897, MT6899, MT6980D, MT6983, MT6985, MT6989, MT6990, MT6991, MT8169, MT8186, MT8188, MT8676, MT8678, MT8696, MT8775, MT8792, MT8796
CWE ID-CWE-416
Use After Free
CVE-2025-20795
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.98%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10276761; Issue ID: MSV-5141.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt6873mt6580androidmt8395mt6879mt6989mt6991mt8755mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8370mt8195mt8768mt6983mt8792mt8793mt8788emt6878mt6768mt8796mt6789mt6739mt8390mt8391mt8676mt6785mt6761mt6855mt2718mt6853mt8766mt6889mt8186mt8188mt8696mt6883mt8893mt8873mt8791tmt6885mt8883mt6779mt8786mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20778
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.80%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4729.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20780
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.80%
||
7 Day CHG~0.00%
Published-06 Jan, 2026 | 01:46
Updated-30 Mar, 2026 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184061; Issue ID: MSV-4712.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6833mt6886mt6765mt8795tandroidmt6879mt6989mt6991mt6893mt6895mt6835mt6897mt6985mt6899mt8678mt8196mt6877mt8768mt6983mt8792mt8793mt8667mt6878mt6768mt8796mt8798mt6789mt6739mt8676mt8771mt6761mt6855mt8766mt6853mt6889mt8186mt8188mt6883mt8765mt8791tmt8873mt6885mt8673mt8883mt6781mt8781MediaTek chipset
CWE ID-CWE-416
Use After Free
CVE-2025-20763
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.42%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267218; Issue ID: MSV-5032.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6883mt6886mt8792mt6989mt6835mt6885mt6991mt8873mt8196mt6833mt6893mt8793mt6983mt8676mt6855mt6895mt8796mt6877mt6899mt6879mt6878mt6889mt8893mt6985mt8678androidmt6897mt6853MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793, MT8796, MT8873, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20979
Matching Score-8
Assigner-Samsung Mobile
ShareView Details
Matching Score-8
Assigner-Samsung Mobile
CVSS Score-8.4||HIGH
EPSS-0.02% / 6.62%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 08:24
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to execute arbitrary code.

Action-Not Available
Vendor-Samsung ElectronicsGoogle LLC
Product-androidlibsavscmn
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20721
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.58%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 09:11
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10089545; Issue ID: MSV-4279.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6989mt6991androidmt8395iot_yoctomt6899mt8196mt8792mt6897mt8195mt8390mt8370mt8793mt6985mt6886MT6886, MT6897, MT6899, MT6985, MT6989, MT6991, MT8195, MT8196, MT8370, MT8390, MT8395, MT8792, MT8793
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20668
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.88%
||
7 Day CHG~0.00%
Published-05 May, 2025 | 02:49
Updated-26 Feb, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8775mt6899androidmt8796mt6991mt6897mt6878mt6989MT6878, MT6897, MT6899, MT6989, MT6991, MT8775, MT8796
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20767
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.42%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4807.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8196mt6833mt6739mt6983mt8793mt6895mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt2718mt6855mt6768mt6877mt8676mt6899mt6879mt6878androidmt6985mt6853MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20645
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.03%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 02:25
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09475476; Issue ID: MSV-2599.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6893mt6765mt6989mt6835mt6768mt6855mt6853androidmt6886mt6879mt6983mt8796mt6897mt6985mt6833MT6765, MT6768, MT6833, MT6835, MT6853, MT6855, MT6879, MT6886, MT6893, MT6897, MT6983, MT6985, MT6989, MT8796
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-20764
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.42%
||
7 Day CHG~0.00%
Published-02 Dec, 2025 | 02:34
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6789mt8792mt6989mt8873mt8196mt6833mt6739mt6983mt8793mt6895mt8796mt6889mt8678mt6897mt6765mt6883mt6886mt6781mt6835mt6761mt6885mt6991mt6893mt8676mt6855mt6768mt6877mt6899mt6879mt6878mt8893androidmt6985mt6853MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8792, MT8793, MT8796, MT8873, MT8893
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-27828
Matching Score-8
Assigner-Samsung Mobile
ShareView Details
Matching Score-8
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.01% / 2.63%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 05:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2019-2192
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.40%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 17:30
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-138441555

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2019-2195
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.93%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 17:32
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-139186193

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2019-2214
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.61%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 17:44
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-136210786References: Upstream kernel

Action-Not Available
Vendor-n/aCanonical Ltd.Google LLC
Product-androidubuntu_linuxAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2207
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.26%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 17:42
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-124524315

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2193
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.21%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 17:31
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-132261064

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-2210
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.67%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 19:47
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In load_logging_config of qmi_vs_service.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-139148442

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-42747
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-8
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-7.8||HIGH
EPSS-0.02% / 6.28%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 00:54
Updated-29 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camera service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-sc9832et610t770t618t310t820t616t606sc7731et612sc9863at760s8000androidSC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
CWE ID-CWE-862
Missing Authorization
CVE-2020-11875
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.63%
||
7 Day CHG~0.00%
Published-17 Apr, 2020 | 13:26
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK chipsets) software. The MTK kernel does not properly implement exception handling, allowing an attacker to gain privileges. The LG ID is LVE-SMP-200001 (February 2020).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2019-2202
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.67%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 17:36
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-137283376

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2218
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.04%
||
7 Day CHG~0.00%
Published-06 Dec, 2019 | 22:40
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. This could lead to local escalation of privilege by installing malicious packages with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-141169173

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-862
Missing Authorization
CVE-2019-20773
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.63%
||
7 Day CHG~0.00%
Published-17 Apr, 2020 | 13:36
Updated-05 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. Unprivileged applications can execute shell commands via the connectivity service. The LG ID is LVE-SMP-190008 (August 2019).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CVE-2014-9646
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 9.10%
||
7 Day CHG~0.00%
Published-27 Jan, 2015 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted Windows search path vulnerability in the GoogleChromeDistribution::DoPostUninstallOperations function in installer/util/google_chrome_distribution.cc in the uninstall-survey feature in Google Chrome before 40.0.2214.91 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% directory, as demonstrated by program.exe, a different vulnerability than CVE-2015-1205.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CVE-2019-20542
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.52%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 17:54
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) (Exynos chipsets) software. There is a stack overflow in the kernel driver. The Samsung ID is SVE-2019-15034 (November 2019).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0242
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.23%
||
7 Day CHG~0.00%
Published-11 Aug, 2020 | 19:27
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-151643722

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-667
Improper Locking
CVE-2022-26472
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 6.21%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 05:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6879mt6873mt6893mt8675mt8765mt8788mt6983mt8666mt6765mt6891mt6883mt6853tmt6739mt8768mt8789mt6769mt6761mt6875mt6889mt8797mt8321mt6768mt8786mt8766mt6771mt8385mt6833mt6885mt6762mt6877mt6781mt6853mt6895mt6789androidmt8791mt6779mt6785mt6763MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8385, MT8666, MT8675, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2019-20592
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.17%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 19:03
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the Story Video Editor Content Provider. The Samsung ID is SVE-2019-14062 (July 2019).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-1999
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.60% / 69.81%
||
7 Day CHG~0.00%
Published-28 Feb, 2019 | 17:00
Updated-17 Sep, 2024 | 03:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196.

Action-Not Available
Vendor-Canonical Ltd.AndroidGoogle LLCDebian GNU/Linux
Product-androiddebian_linuxubuntu_linuxAndroid
CWE ID-CWE-415
Double Free
CVE-2019-20573
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.17%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 18:41
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. There is local SQL injection in the RCS Content Provider. The Samsung IDs are SVE-2019-14059, SVE-2019-14685 (August 2019).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2020-10841
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.97%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 17:24
Updated-04 Aug, 2024 | 11:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 9610 chipsets) software. There is an arbitrary kfree in the vipx and vertex drivers. The Samsung ID is SVE-2019-16294 (February 2020).

Action-Not Available
Vendor-n/aGoogle LLCSamsung
Product-androidexynos_9610n/a
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 34
  • 35
  • Next
Details not found