Export limit exceeded: 13606 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13606 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26441 | 1 Google | 1 Android | 2025-09-08 | 6.5 Medium |
| In add_attr of sdp_discovery.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26445 | 1 Google | 1 Android | 2025-09-08 | 5.5 Medium |
| In offerNetwork of ConnectivityService.java, there is a possible leak of sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26448 | 1 Google | 1 Android | 2025-09-08 | 5.5 Medium |
| In writeToParcel of CursorWindow.cpp, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26449 | 1 Google | 1 Android | 2025-09-08 | 5.5 Medium |
| In multiple locations, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26453 | 1 Google | 1 Android | 2025-09-08 | 5.5 Medium |
| In isContentUriForOtherUser of BluetoothOppSendFileInfo.java, there is a possible cross user data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26458 | 1 Google | 1 Android | 2025-09-08 | 7.8 High |
| In multiple functions of LocationProviderManager.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-32323 | 1 Google | 1 Android | 2025-09-08 | 7.8 High |
| In getCallingAppName of Shared.java, there is a possible way to trick users into granting file access via deceptive text in a permission popup due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-32330 | 1 Google | 1 Android | 2025-09-08 | 5.7 Medium |
| In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept the Auracast audio stream due to an insecure default value. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48524 | 1 Google | 1 Android | 2025-09-08 | 5.5 Medium |
| In isSystem of WifiPermissionsUtil.java, there is a possible permission bypass due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48560 | 1 Google | 1 Android | 2025-09-08 | 5.5 Medium |
| In AndroidManifest.xml, there is a possible way for an app to monitor motion events due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-40664 | 1 Google | 1 Android | 2025-09-08 | 6.2 Medium |
| In setupAccessibilityServices of AccessibilityFragment.java , there is a possible way to hide an enabled accessibility service due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-0076 | 1 Google | 1 Android | 2025-09-05 | 3.3 Low |
| In multiple locations, there is a possible way to view icons belonging to another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26463 | 1 Google | 1 Android | 2025-09-05 | 5.5 Medium |
| In allowPackageAccess of multiple files, resource exhaustion is possible when repeatedly adding allowed packages. This could lead to a local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26429 | 1 Google | 1 Android | 2025-09-05 | 5.5 Medium |
| In collectOps of AppOpsService.java, there is a possible way to cause permanent DoS due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26428 | 1 Google | 1 Android | 2025-09-05 | 3.2 Low |
| In startLockTaskMode of LockTaskController.java, there is a possible lock screen bypass due to a logic error in the code. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-26424 | 1 Google | 1 Android | 2025-09-05 | 4 Medium |
| In multiple functions of VpnManager.java, there is a possible cross-user data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48530 | 1 Google | 1 Android | 2025-09-05 | 8.1 High |
| In multiple locations, there is a possible condition that results in OOB accesses due to an incorrect bounds check. This could lead to remote code execution in combination with other bugs, with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48529 | 1 Google | 1 Android | 2025-09-05 | 5.5 Medium |
| In setRingtoneUri of VoicemailNotificationSettingsUtil.java , there is a possible cross user data leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48527 | 1 Google | 1 Android | 2025-09-05 | 6.2 Medium |
| In multiple locations, there is a possible way to leak hidden work profile notifications due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48533 | 1 Google | 1 Android | 2025-09-05 | 7 High |
| In multiple locations, there is a possible way to use apps linked from a context menu of a lockscreen app due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||