Android
Monthly
In connectivity system driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In bluetooth driver, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In wlan service, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In power, there is a possible out of bounds write due to an insecure default value. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In stc, there is a possible out of bounds read due to a race condition. Rated medium severity (CVSS 6.3). No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds read due to a race condition. Rated medium severity (CVSS 4.0). No vendor patch available.
In seninf, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In camsys, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In camsys, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In pda, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In keyinstall, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ims service, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In cta, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In duraspeed, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In duraspeed, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In cmdq, there is a possible out of bounds read due to an incorrect status check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In netdagent, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In nvram, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In gnss service, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In urild service, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In urild service, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In ims service, there is a possible missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In ims service, there is a possible missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In LTE protocol stack, there is a possible missing permission check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In NIA0 algorithm in Security Mode Command, there is a possible missing verification incorrect input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In openContentUri of ActivityManagerService.java, there is a possible way for a third party app to obtain restricted files due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In multiple locations, there is a possible bypass of a multi user security boundary due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.
In multiple locations, there is a possible code execution due to type confusion. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In multiple functions of StatusHints.java, there is a possible way to reveal images across users due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In connectivity system driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In bluetooth driver, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In wlan service, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In power, there is a possible out of bounds write due to an insecure default value. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In stc, there is a possible out of bounds read due to a race condition. Rated medium severity (CVSS 6.3). No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds read due to a missing valid range checking. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.
In imgsys, there is a possible out of bounds read due to a race condition. Rated medium severity (CVSS 4.0). No vendor patch available.
In seninf, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In camsys, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In camsys, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In pda, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In keyinstall, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In ims service, there is a possible memory corruption due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In cta, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In duraspeed, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In duraspeed, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In cmdq, there is a possible out of bounds read due to an incorrect status check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In netdagent, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In nvram, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In gnss service, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In urild service, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In urild service, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In ims service, there is a possible missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In ims service, there is a possible missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In LTE protocol stack, there is a possible missing permission check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In NIA0 algorithm in Security Mode Command, there is a possible missing verification incorrect input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In openContentUri of ActivityManagerService.java, there is a possible way for a third party app to obtain restricted files due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In multiple locations, there is a possible bypass of a multi user security boundary due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.
In multiple locations, there is a possible code execution due to type confusion. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.
In visitUris of RemoteViews.java, there is a possible way to reveal images across users due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In multiple functions of StatusHints.java, there is a possible way to reveal images across users due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.
In TRANSPOSER_SETTINGS of lpp_tran.h, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.