Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-27230

Summary
Assigner-Google_Devices
Assigner Org ID-83238938-5644-45f0-9007-c0392bcf6222
Published At-11 Mar, 2024 | 18:55
Updated At-14 Nov, 2024 | 20:21
Rejected At-
Credits

In ProtocolPsKeepAliveStatusAdapter::getCode() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Google_Devices
Assigner Org ID:83238938-5644-45f0-9007-c0392bcf6222
Published At:11 Mar, 2024 | 18:55
Updated At:14 Nov, 2024 | 20:21
Rejected At:
▼CVE Numbering Authority (CNA)

In ProtocolPsKeepAliveStatusAdapter::getCode() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

Affected Products
Vendor
Google LLCGoogle
Product
Android
Default Status
unaffected
Versions
Affected
  • 13
Problem Types
TypeCWE IDDescription
N/AN/AInformation disclosure
Type: N/A
CWE ID: N/A
Description: Information disclosure
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://source.android.com/security/bulletin/pixel/2024-03-01
N/A
Hyperlink: https://source.android.com/security/bulletin/pixel/2024-03-01
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125 Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125 Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.15.1MEDIUM
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://source.android.com/security/bulletin/pixel/2024-03-01
x_transferred
Hyperlink: https://source.android.com/security/bulletin/pixel/2024-03-01
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:dsap-vuln-management@google.com
Published At:11 Mar, 2024 | 19:15
Updated At:03 Apr, 2025 | 15:54

In ProtocolPsKeepAliveStatusAdapter::getCode() of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.1MEDIUM
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CPE Matches
Google LLC
google
>>android>>13.0
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-125
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://source.android.com/security/bulletin/pixel/2024-03-01dsap-vuln-management@google.com
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2024-03-01af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://source.android.com/security/bulletin/pixel/2024-03-01
Source: dsap-vuln-management@google.com
Resource:
Vendor Advisory
Hyperlink: https://source.android.com/security/bulletin/pixel/2024-03-01
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1231Records found
CVE-2024-47028
Matching Score-10
Assigner-Google Devices
ShareView Details
Matching Score-10
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.04% / 11.17%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-47029
Matching Score-10
Assigner-Google Devices
ShareView Details
Matching Score-10
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.07% / 21.95%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In TrustySharedMemoryManager::GetSharedMemory of ondevice/trusty/trusty_shared_memory_manager.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-47026
Matching Score-10
Assigner-Google Devices
ShareView Details
Matching Score-10
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.07% / 21.95%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gsc_gsa_rescue of gsc_gsa.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-47021
Matching Score-10
Assigner-Google Devices
ShareView Details
Matching Score-10
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.64% / 70.60%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-47034
Matching Score-10
Assigner-Google Devices
ShareView Details
Matching Score-10
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.07% / 21.95%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-47020
Matching Score-8
Assigner-Google Devices
ShareView Details
Matching Score-8
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.16% / 36.76%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ABL component, A-331966488.

Action-Not Available
Vendor-Google LLC
Product-pixel_4a_5gpixel_8apixel_7_propixel_xlpixel_5pixel_5apixel_2_xlpixel_3apixel_3a_xlpixel_6pixel_4pixel_8_propixel_9_pro_foldpixel_pro_xlpixel_6apixel_7pixel_slatepixel_2pixel_4apixel_cpixel_3pixel_3_xlpixel_9_propixel_9pixel_8pixel_7apixel_4_xlpixel_6_proandroidpixelpixel_foldpixel_tabletAndroid
CVE-2024-47025
Matching Score-8
Assigner-Google Devices
ShareView Details
Matching Score-8
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.05% / 17.07%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ppmp_protect_buf of drm_fw.c, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroidpixel
CWE ID-CWE-863
Incorrect Authorization
CVE-2024-47030
Matching Score-8
Assigner-Google Devices
ShareView Details
Matching Score-8
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.13% / 32.48%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-315191818.

Action-Not Available
Vendor-Google LLC
Product-Androidandroidpixel
CVE-2024-47022
Matching Score-8
Assigner-Google Devices
ShareView Details
Matching Score-8
Assigner-Google Devices
CVSS Score-5.1||MEDIUM
EPSS-0.16% / 36.76%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-331255656.

Action-Not Available
Vendor-Google LLC
Product-pixel_4a_5gpixel_8apixel_7_propixel_xlpixel_5pixel_5apixel_2_xlpixel_3apixel_3a_xlpixel_6pixel_4pixel_8_propixel_9_pro_foldpixel_pro_xlpixel_6apixel_7pixel_slatepixel_2pixel_4apixel_cpixel_3pixel_3_xlpixel_9_propixel_9pixel_8pixel_7apixel_4_xlpixel_6_proandroidpixelpixel_foldpixel_tabletAndroidandroidpixel
CVE-2021-25453
Matching Score-8
Assigner-Samsung Mobile
ShareView Details
Matching Score-8
Assigner-Samsung Mobile
CVSS Score-5.1||MEDIUM
EPSS-0.02% / 5.43%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 18:04
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2026-7949
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-3.1||LOW
EPSS-0.03% / 9.21%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 18:12
Updated-07 May, 2026 | 02:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-7950
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-5.4||MEDIUM
EPSS-0.03% / 9.21%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 18:12
Updated-07 May, 2026 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. (Chromium security severity: Medium)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-47019
Matching Score-6
Assigner-Google Devices
ShareView Details
Matching Score-6
Assigner-Google Devices
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.28%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ProtocolEmbmsSaiListAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-47039
Matching Score-6
Assigner-Google Devices
ShareView Details
Matching Score-6
Assigner-Google Devices
CVSS Score-10||CRITICAL
EPSS-0.23% / 45.83%
||
7 Day CHG~0.00%
Published-18 Dec, 2024 | 19:04
Updated-18 Dec, 2024 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OOB Read in the android.hardware.boot.IBootControl/default service

In isSlotMarkedSuccessful of BootControl.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local  information disclosure with no additional execution privileges needed. User  interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-47018
Matching Score-6
Assigner-Google Devices
ShareView Details
Matching Score-6
Assigner-Google Devices
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.24%
||
7 Day CHG~0.00%
Published-25 Oct, 2024 | 10:34
Updated-28 Oct, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In pmucal_rae_handle_seq_int of flexpmu_cal_rae.c, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-7981
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.1||HIGH
EPSS-0.03% / 8.06%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 18:13
Updated-07 May, 2026 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in Codecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: Medium)

Action-Not Available
Vendor-Apple Inc.Google LLCLinux Kernel Organization, IncMicrosoft Corporation
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-8535
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 8.00%
||
7 Day CHG~0.00%
Published-14 May, 2026 | 19:52
Updated-14 May, 2026 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-7936
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-4.3||MEDIUM
EPSS-0.03% / 7.17%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 18:12
Updated-06 May, 2026 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Object lifecycle issue in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-7902
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.08% / 23.64%
||
7 Day CHG+0.01%
Published-06 May, 2026 | 18:12
Updated-10 May, 2026 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Google LLCLinux Kernel Organization, IncMicrosoft Corporation
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-7899
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.08% / 23.64%
||
7 Day CHG+0.01%
Published-06 May, 2026 | 18:12
Updated-07 May, 2026 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-8578
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-3.1||LOW
EPSS-0.03% / 10.50%
||
7 Day CHG~0.00%
Published-14 May, 2026 | 19:52
Updated-15 May, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-7933
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-4.3||MEDIUM
EPSS-0.02% / 6.58%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 18:12
Updated-06 May, 2026 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. (Chromium security severity: Medium)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-7995
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.08% / 23.64%
||
7 Day CHG+0.01%
Published-06 May, 2026 | 18:13
Updated-07 May, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in AdFilter in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-7983
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-4.3||MEDIUM
EPSS-0.03% / 7.17%
||
7 Day CHG~0.00%
Published-06 May, 2026 | 18:13
Updated-06 May, 2026 | 23:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in Dawn in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-8543
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 8.00%
||
7 Day CHG~0.00%
Published-14 May, 2026 | 19:52
Updated-14 May, 2026 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2012-5109
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-5||MEDIUM
EPSS-0.77% / 73.76%
||
7 Day CHG~0.00%
Published-09 Oct, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The International Components for Unicode (ICU) functionality in Google Chrome before 22.0.1229.92 allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a regular expression.

Action-Not Available
Vendor-n/aGoogle LLC
Product-chromen/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-5907
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.1||HIGH
EPSS-0.09% / 26.12%
||
7 Day CHG+0.01%
Published-08 Apr, 2026 | 21:21
Updated-14 Apr, 2026 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. (Chromium security severity: Low)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-linux_kernelchromewindowsmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-6308
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-7.5||HIGH
EPSS-0.03% / 9.96%
||
7 Day CHG~0.00%
Published-15 Apr, 2026 | 19:04
Updated-17 Apr, 2026 | 17:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-linux_kernelchromewindowsmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-8541
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.3||MEDIUM
EPSS-0.03% / 8.00%
||
7 Day CHG~0.00%
Published-14 May, 2026 | 19:52
Updated-14 May, 2026 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-7354
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.03% / 7.30%
||
7 Day CHG~0.00%
Published-28 Apr, 2026 | 22:35
Updated-30 Apr, 2026 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-chromewindowslinux_kernelmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-5873
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.11% / 29.17%
||
7 Day CHG+0.01%
Published-08 Apr, 2026 | 21:20
Updated-13 Apr, 2026 | 18:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-linux_kernelchromewindowsmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8936
Matching Score-6
Assigner-Google LLC
ShareView Details
Matching Score-6
Assigner-Google LLC
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 5.22%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 14:55
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary enclave memory overwrite vulnerability in ECall ecall_restore

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. UntrustedCall failed to validate the buffer range within sgx_params and allowed the host to return a pointer that was an address within the enclave memory. This allowed an attacker to read memory values from within the enclave.

Action-Not Available
Vendor-Google LLC
Product-asyloAsylo
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-4674
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.03% / 9.63%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 00:24
Updated-25 Mar, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-linux_kernelchromewindowsmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-4677
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.03% / 7.90%
||
7 Day CHG~0.00%
Published-24 Mar, 2026 | 00:24
Updated-25 Mar, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationGoogle LLCLinux Kernel Organization, Inc
Product-linux_kernelchromewindowsmacosChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-8939
Matching Score-6
Assigner-Google LLC
ShareView Details
Matching Score-6
Assigner-Google LLC
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 5.22%
||
7 Day CHG~0.00%
Published-15 Dec, 2020 | 14:55
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds read in Asylo

An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. We recommend upgrading past commit 6ff3b77ffe110a33a2f93848a6333f33616f02c4

Action-Not Available
Vendor-Google LLC
Product-asyloAsylo
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-47458
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 2.46%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 01:32
Updated-05 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-s8000sc9832esc7731et612t770t618t310t760t610androidsc9863at616t820t606SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-48236
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.01%
||
7 Day CHG-0.00%
Published-09 May, 2023 | 01:20
Updated-28 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-androidt610t616t770t618sc9863at820s8000t606sc7731esc9832et612t310t760SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-47352
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.88%
||
7 Day CHG~0.00%
Published-04 Sep, 2023 | 01:16
Updated-30 Sep, 2024 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-androidt610t618T610/T618
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-47323
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-6.4||MEDIUM
EPSS-0.01% / 1.62%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 05:27
Updated-26 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-47456
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 2.46%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 01:31
Updated-05 Mar, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t310t820t616androidt610t770t612t606s8000sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18051
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 30.06%
||
7 Day CHG~0.00%
Published-16 Mar, 2018 | 22:00
Updated-16 Sep, 2024 | 23:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for event->vdev_id in wma_rcpi_event_handler(), which is received from firmware, leads to potential out of bounds memory read.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2022-44446
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 2.46%
||
7 Day CHG~0.00%
Published-04 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 14:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8000sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-44442
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 2.46%
||
7 Day CHG~0.00%
Published-04 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 14:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8000sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-44443
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 2.46%
||
7 Day CHG~0.00%
Published-04 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 14:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8000sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-20093
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 7.52%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 02:35
Updated-27 Oct, 2024 | 03:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1699.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6873mt8385mt6885mt8788mt8666mt6765mt6853mt8667androidmt8768mt8789mt6761mt6768mt6779mt6785mt8781mt8766MT6761, MT6765, MT6768, MT6779, MT6785, MT6853, MT6873, MT6885, MT8385, MT8666, MT8667, MT8766, MT8768, MT8781, MT8788, MT8789
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18159
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.78%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-44441
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 2.46%
||
7 Day CHG~0.00%
Published-04 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616androidt610t770t612t606s8000sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-44440
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 2.46%
||
7 Day CHG~0.00%
Published-04 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 14:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.

Action-Not Available
Vendor-Google LLCUnisoc (Shanghai) Technologies Co., Ltd.
Product-t310t820t616t770t610androidt612t606s8000sc9832et760sc7731esc9863at618SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42515
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.90%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763503References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42532
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.90%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332610References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 24
  • 25
  • Next
Details not found