Monthly
In startLockTaskMode of LockTaskController.java, there is a possible lock screen bypass due to a logic error in the code. Rated low severity (CVSS 3.2), this vulnerability is no authentication required, low attack complexity.
In multiple locations, there is a possible Android/data access due to a path traversal error. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity.
In BroadcastController.java of registerReceiverWithFeatureTraced, there is a possible way to receive broadcasts meant for the "android" package due to improper input validation. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple functions of RoleService.java, there is a possible permission squatting vulnerability due to a logic error in the code. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In multiple functions of VpnManager.java, there is a possible cross-user data leak due to a logic error in the code. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In validateIpConfiguration of WifiConfigurationUtil.java, there is a possible way to trigger a permanent DoS due to a missing bounds check. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
In dump of WindowManagerService.java, there is a possible way of running dumpsys without the required permission due to a missing permission check. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In multiple locations, there is a possible lock screen bypass due to a logic error in the code. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In multiple functions of GrantPermissionsActivity.java , there is a possible way to trick the user into granting the incorrect permission due to permission overload. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity.
In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input validation. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.
In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In MMapVAccess of pmr_os.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In bta_av_config_ind of bta_av_aact.cc, there is a possible out of bounds read due to type confusion. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry When UFFDIO_MOVE encounters a migration PMD entry, it. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In ConvertReductionOp of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds write due to a heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In gxp_mapping_create of gxp_mapping.c, there is a possible privilege escalation due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396458384. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In lwis_io_buffer_write, there is a possible OOB read/write due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396462223. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In lwis_test_register_io of lwis_device_test.c, there is a possible OOB Write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
There is a possible escalation of privilege due to test/debugging code left in a production build. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is a possible escalation of privilege due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-394765106. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In TBD of TBD, there is a possible DoS due to a missing null check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In ReadTachyonCommands of gxp_main_actor.cc, there is a possible information leak due to uninitialized data. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
LinkedIn Mobile Application for Android version 4.1.1087.2 fails to update link preview metadata (image, title, description) when a user replaces the original URL in a post or comment before. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Rejected reason: This CVE ID was assigned in error to a vulnerability that was both introduced and fixed before the code landed in the Stable channel of Chrome, and has been withdrawn. No vendor patch available.
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest authentication in `OkHttpClientWrapper.java`. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In initializeSwizzler of SkBmpStandardCodec.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In multiple functions of DevicePolicyManagerService.java, there is a possible way to install unauthorized applications into a newly created work profile due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.
In onLastAccessedStackLoaded of ActionHandler.java , there is a possible way to bypass storage restrictions across apps due to a missing permission check. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In afterKeyEventLockedInterruptable of InputDispatcher.cpp, there is a possible use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In avdt_msg_ind of avdt_msg.cc, there is a possible memory corruption due to type confusion. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In handleKeyGestureEvent of PhoneWindowManager.java, there is a possible lock screen bypass due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In canForward of IntentForwarderActivity.java, there is a possible bypass of the cross profile intent filter most commonly used in Work Profile scenarios due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In multiple locations, there is a possible method for a malicious app to prevent dialing emergency services under limited circumstances due to a logic error in the code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In isInSignificantPlace of multiple files, there is a possible way to access sensitive information due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to execute arbitrary code due to a logic error in the code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible way to grant permissions to an app on the secondary user from the primary user due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In ParseTag of dng_ifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In multiple locations, there is a possible confused deputy due to Intent Redirect. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In finishTransition of Transition.java, there is a possible way to bypass touch filtering restrictions due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In onCreate of ChooserActivity.java , there is a possible way to view other users' images due to a confused deputy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In FuseDaemon.cpp, there is a possible out of bounds write due to memory corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible cross user media disclosure due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In showAvatarPicker of EditUserPhotoController.java, there is a possible cross user image leak due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In multiple functions of Permissions.java, there is a possible way to override the state of the user's location permissions due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In geniezone, there is a possible memory corruption due to use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In mbrain, there is a possible memory corruption due to use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In monitor_hang, there is a possible memory corruption due to use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was identified in NCSOFT Universe App up to 1.3.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was determined in Voice Changer App up to 1.1.0.xml of the component com.tuyangkeji.changevoice. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A flaw has been found in Transbyte Scooper News App up to 1.2 on Android. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Basecamp's Google Sign-In adds Google sign-in to Rails applications. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A vulnerability was detected in Kakao 헤이카카오 Hey Kakao App up to 2.17.4 on Android. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
A security vulnerability has been detected in Rejseplanen App up to 8.2.2. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Gary Illyes Google XML News Sitemap plugin allows Stored XSS.02. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Pronamic Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the description field in all versions up to, and including, 2.4.1 due to insufficient input sanitization. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Basecamp's Google Sign-In adds Google sign-in to Rails applications. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In startLockTaskMode of LockTaskController.java, there is a possible lock screen bypass due to a logic error in the code. Rated low severity (CVSS 3.2), this vulnerability is no authentication required, low attack complexity.
In multiple locations, there is a possible Android/data access due to a path traversal error. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity.
In BroadcastController.java of registerReceiverWithFeatureTraced, there is a possible way to receive broadcasts meant for the "android" package due to improper input validation. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple functions of RoleService.java, there is a possible permission squatting vulnerability due to a logic error in the code. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In multiple functions of VpnManager.java, there is a possible cross-user data leak due to a logic error in the code. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In validateIpConfiguration of WifiConfigurationUtil.java, there is a possible way to trigger a permanent DoS due to a missing bounds check. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
In dump of WindowManagerService.java, there is a possible way of running dumpsys without the required permission due to a missing permission check. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In multiple locations, there is a possible lock screen bypass due to a logic error in the code. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In multiple functions of GrantPermissionsActivity.java , there is a possible way to trick the user into granting the incorrect permission due to permission overload. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity.
In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input validation. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.
In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity.
In MMapVAccess of pmr_os.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In bta_av_config_ind of bta_av_aact.cc, there is a possible out of bounds read due to type confusion. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry When UFFDIO_MOVE encounters a migration PMD entry, it. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In ConvertReductionOp of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds write due to a heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In gxp_mapping_create of gxp_mapping.c, there is a possible privilege escalation due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396458384. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In lwis_io_buffer_write, there is a possible OOB read/write due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396462223. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In lwis_test_register_io of lwis_device_test.c, there is a possible OOB Write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
There is a possible escalation of privilege due to test/debugging code left in a production build. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
There is a possible escalation of privilege due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-394765106. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In TBD of TBD, there is a possible DoS due to a missing null check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In ReadTachyonCommands of gxp_main_actor.cc, there is a possible information leak due to uninitialized data. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
LinkedIn Mobile Application for Android version 4.1.1087.2 fails to update link preview metadata (image, title, description) when a user replaces the original URL in a post or comment before. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Rejected reason: This CVE ID was assigned in error to a vulnerability that was both introduced and fixed before the code landed in the Stable channel of Chrome, and has been withdrawn. No vendor patch available.
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest authentication in `OkHttpClientWrapper.java`. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In initializeSwizzler of SkBmpStandardCodec.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In multiple functions of DevicePolicyManagerService.java, there is a possible way to install unauthorized applications into a newly created work profile due to a race condition. Rated high severity (CVSS 7.0). No vendor patch available.
In onLastAccessedStackLoaded of ActionHandler.java , there is a possible way to bypass storage restrictions across apps due to a missing permission check. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In afterKeyEventLockedInterruptable of InputDispatcher.cpp, there is a possible use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In setMediaButtonReceiver of multiple files, there is a possible way to launch arbitrary activities from background due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In avdt_msg_ind of avdt_msg.cc, there is a possible memory corruption due to type confusion. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In handleKeyGestureEvent of PhoneWindowManager.java, there is a possible lock screen bypass due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In canForward of IntentForwarderActivity.java, there is a possible bypass of the cross profile intent filter most commonly used in Work Profile scenarios due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In multiple locations, there is a possible method for a malicious app to prevent dialing emergency services under limited circumstances due to a logic error in the code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In isInSignificantPlace of multiple files, there is a possible way to access sensitive information due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to execute arbitrary code due to a logic error in the code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible way to grant permissions to an app on the secondary user from the primary user due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to grant notification access above the lock screen due to a logic error in the code. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In ParseTag of dng_ifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to mislead a user into approving an authentication prompt for one app when its result will be used in another due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In multiple locations, there is a possible confused deputy due to Intent Redirect. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In finishTransition of Transition.java, there is a possible way to bypass touch filtering restrictions due to a tapjacking/overlay attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In onCreate of ChooserActivity.java , there is a possible way to view other users' images due to a confused deputy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In FuseDaemon.cpp, there is a possible out of bounds write due to memory corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible cross user media disclosure due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In showAvatarPicker of EditUserPhotoController.java, there is a possible cross user image leak due to a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In multiple functions of Permissions.java, there is a possible way to override the state of the user's location permissions due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
In geniezone, there is a possible memory corruption due to use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In mbrain, there is a possible memory corruption due to use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In monitor_hang, there is a possible memory corruption due to use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability was identified in GalleryVault Gallery Vault App up to 4.5.2 on Android. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in Modo Legend of the Phoenix up to 1.0.5. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was identified in NCSOFT Universe App up to 1.3.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was determined in Voice Changer App up to 1.1.0.xml of the component com.tuyangkeji.changevoice. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A flaw has been found in Transbyte Scooper News App up to 1.2 on Android. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Basecamp's Google Sign-In adds Google sign-in to Rails applications. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A vulnerability was detected in Kakao 헤이카카오 Hey Kakao App up to 2.17.4 on Android. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
A security vulnerability has been detected in Rejseplanen App up to 8.2.2. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
A weakness has been identified in UAB Paytend App up to 2.1.9 on Android. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in Gary Illyes Google XML News Sitemap plugin allows Stored XSS.02. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Pronamic Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the description field in all versions up to, and including, 2.4.1 due to insufficient input sanitization. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Basecamp's Google Sign-In adds Google sign-in to Rails applications. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to execute arbitrary code due to a use after free. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.