Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Android
Total 7739 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-20625 1 Google 1 Android 2023-12-10 2.1 LOW 3.3 LOW
An issue was discovered on Samsung mobile devices with N(7.1) and O(8.x) (Exynos chipsets) software. The ion debugfs driver allows information disclosure. The Samsung ID is SVE-2018-13427 (February 2019).
CVE-2016-11048 1 Google 1 Android 2023-12-10 2.1 LOW 4.6 MEDIUM
An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spreadtrum or Marvell chipsets) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2016-5421 (March 2016).
CVE-2017-18665 1 Google 1 Android 2023-12-10 5.8 MEDIUM 8.8 HIGH
An issue was discovered on Samsung mobile devices with M(6.0) software. There is a NULL pointer exception in WifiService via adb-cmd, causing memory corruption. The Samsung ID is SVE-2017-8287 (June 2017).
CVE-2020-13835 1 Google 1 Android 2023-12-10 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. The Gatekeeper Trustlet allows a brute-force attack on user credentials. The Samsung ID is SVE-2020-16908 (June 2020).
CVE-2020-0343 1 Google 1 Android 2023-12-10 2.1 LOW 5.5 MEDIUM
In NetworkStatsService, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-119672472
CVE-2020-12748 1 Google 1 Android 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and designate a different preferred SIM card. The Samsung ID is SVE-2020-16594 (May 2020).
CVE-2017-18645 1 Google 1 Android 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) (Qualcomm chipsets) software. There is a panel_lpm sysfs stack-based buffer overflow. The Samsung ID is SVE-2017-9414 (December 2017).
CVE-2016-11046 1 Google 1 Android 2023-12-10 5.0 MEDIUM 7.5 HIGH
An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4.4), and L(5.0/5.1) software. Because of a misused whitelist, attackers can reach the radio layer (aka RIL or RILD) to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 (May 2016).
CVE-2020-25061 1 Google 1 Android 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered on LG mobile devices with Android OS 9 and 10 software on the VZW network. lge_property allows property overwrites. The LG ID is LVE-SMP-200016 (July 2020).
CVE-2020-0380 1 Google 1 Android 2023-12-10 10.0 HIGH 9.8 CRITICAL
In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-146398979
CVE-2019-20563 1 Google 1 Android 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. The SEC_FR trustlet has an out of bounds write. The Samsung ID is SVE-2019-15272 (October 2019).
CVE-2019-20578 2 Google, Samsung 2 Android, Exynos 9820 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with P(9.0) (Exynos 9820 chipsets) software. A Buffer overflow occurs when loading the UH Partition during Secure Boot. The Samsung ID is SVE-2019-14412 (August 2019).
CVE-2020-0428 1 Google 1 Android 2023-12-10 4.4 MEDIUM 6.4 MEDIUM
In CamX code, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-123999783
CVE-2020-25279 1 Google 1 Android 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020).
CVE-2020-0067 2 Canonical, Google 2 Ubuntu Linux, Android 2023-12-10 2.1 LOW 4.4 MEDIUM
In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions: Android kernel. Android ID: A-120551147.
CVE-2020-0074 1 Google 1 Android 2023-12-10 7.2 HIGH 7.8 HIGH
In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-146204120
CVE-2020-0149 1 Google 1 Android 2023-12-10 2.1 LOW 4.4 MEDIUM
In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142544089
CVE-2020-15582 2 Google, Samsung 2 Android, Exynos 7885 2023-12-10 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 7885 chipsets) software. The Bluetooth Low Energy (BLE) component has a buffer overflow with a resultant deadlock or crash. The Samsung ID is SVE-2020-16870 (July 2020).
CVE-2020-0259 1 Google 1 Android 2023-12-10 7.2 HIGH 7.8 HIGH
In android_verity_ctr of dm-android-verity.c, there is a possible way to modify a dm-verity protected filesystem due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157941353References: N/A
CVE-2020-0393 1 Google 1 Android 2023-12-10 4.9 MEDIUM 5.5 MEDIUM
In decrypt and decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-154123412