Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.
Privilege escalation in RustDesk Client through version 1.4.5 on Windows, macOS, Linux, iOS, and Android allows unauthenticated remote attackers to abuse API sync and configuration management functions. The vulnerability in the rendezvous mediator and HTTP sync modules enables attackers to gain elevated privileges without user interaction. No patch is currently available for affected users.
RustDesk Client through version 1.4.5 uses a broken cryptographic algorithm that allows attackers to retrieve sensitive embedded data during config import, URI scheme handling, or CLI operations across Windows, macOS, Linux, iOS, Android, and web clients. An unauthenticated remote attacker can exploit this vulnerability without user interaction to extract sensitive configuration information. No patch is currently available for this high-severity vulnerability.
Dark Reader is an accessibility browser extension that makes web page colors dark. The dynamic dark mode feature of the extension works by analyzing the colors of web pages found in CSS style sheet files. [CVSS 3.4 LOW]
Sandbox escape via navigation validation in Chrome before 145.0.7632.159. Patch available.
Google Chrome versions before 145.0.7632.159 contain a heap buffer overflow in the WebCodecs component that enables remote attackers to write data outside allocated memory bounds through malicious HTML pages. An unauthenticated attacker can exploit this vulnerability with minimal user interaction to achieve arbitrary code execution on affected systems. A patch is available in Chrome 145.0.7632.159 and later.
Out-of-bounds memory access in Google Chrome's V8 engine (versions prior to 145.0.7632.159) enables remote attackers to achieve memory corruption through malicious HTML pages without requiring user privileges beyond standard interaction. The vulnerability affects all Chrome users and could potentially lead to information disclosure, data corruption, or code execution depending on memory layout and exploitation context.
Out-of-bounds memory access in Google Chrome's WebAssembly implementation (versions prior to 145.0.7632.159) enables remote attackers to achieve full memory corruption through malicious HTML pages, requiring only user interaction. An attacker can exploit this to read sensitive data, modify memory, or crash the browser with no authentication needed. A patch is available in Chrome 145.0.7632.159 and later.
Out-of-bounds memory read in Google Chrome's CSS implementation (versions prior to 145.0.7632.159) allows network attackers to read sensitive memory contents by tricking users into viewing a malicious HTML page. The vulnerability requires user interaction but carries high impact, enabling information disclosure without authentication or special privileges. A patch is available in Chrome 145.0.7632.159 and later.
Out-of-bounds memory access in Google Chrome's WebAudio component (versions prior to 145.0.7632.159) enables remote attackers to read, modify, or crash the browser by tricking users into visiting malicious web pages. This network-based vulnerability requires no special privileges and affects all Chrome users who interact with untrusted content. A patch is available in Chrome 145.0.7632.159 and later versions.
Heap corruption in Google Chrome's DevTools prior to version 145.0.7632.159 can be triggered through a malicious extension, requiring user installation and interaction. An attacker exploiting this object lifecycle vulnerability could achieve arbitrary code execution with full system privileges. A patch is available in Chrome 145.0.7632.159 and later versions.
Google Chrome's Skia rendering engine contains an integer overflow flaw that enables remote attackers to access out-of-bounds memory when processing malicious HTML pages. Affected users running Chrome versions prior to 145.0.7632.159 could face memory corruption leading to information disclosure, data modification, or denial of service. A security patch is available to remediate this critical vulnerability.
Heap corruption in Chrome's PowerVR graphics driver on Android versions prior to 145.0.7632.159 can be triggered through malicious HTML pages, potentially enabling remote code execution without user interaction beyond visiting a compromised website. The vulnerability stems from improper object lifecycle management and affects all Android users running vulnerable Chrome versions. A patch is available and should be applied immediately given the high exploitation potential.
Google Chrome's ANGLE graphics library before version 145.0.7632.159 contains an integer overflow vulnerability that enables remote attackers to access out-of-bounds memory through malicious HTML pages. An unauthenticated attacker can exploit this flaw by tricking users into visiting a crafted webpage, potentially compromising confidentiality, integrity, and availability. A patch is available in Chrome 145.0.7632.159 and later versions.
F2FS swapfile memory corruption in Linux kernel 6.6+ allows local attackers with user privileges to cause data corruption through improper physical block mapping when using fragmented swapfiles smaller than the F2FS section size. Public exploit code exists for this vulnerability, and attackers can trigger dm-verity corruption errors or F2FS node corruption leading to system crashes and data loss. No patch is currently available.
Improper authorization in Google Cloud Build GitHub Trigger allowing unauthenticated build execution. EPSS 0.19%.
Android versions up to 16.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Android versions up to - contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Local privilege escalation in Android's ffa.c component allows unauthenticated attackers to corrupt memory and gain elevated privileges without user interaction. The vulnerability stems from a logic error in multiple functions and requires only local access to exploit. A patch is available to address this high-severity flaw.
An Android MediaProvider logic error allows local applications to obtain unauthorized read and write access to arbitrary files, enabling privilege escalation without requiring additional permissions or user interaction. This vulnerability affects the createRequest function and permits apps to manipulate file access controls beyond their intended scope. No patch is currently available.
Improper input validation in Android's ManagedServices notification policy handler allows local attackers to escalate privileges without requiring additional permissions or user interaction. An attacker can exploit this flaw to desynchronize notification policies and gain elevated system privileges on the affected device. No patch is currently available for this vulnerability.
A logic error in Android's mem_protect.c enables local attackers to write out-of-bounds memory and escalate privileges without requiring additional permissions or user interaction. This vulnerability affects Android devices and can be exploited by any local user to gain elevated system privileges. A patch is available.
Local privilege escalation in Android's mem_protect.c results from integer overflow conditions that enable out-of-bounds memory writes, allowing unauthenticated local attackers to gain elevated system privileges without user interaction. The vulnerability affects multiple functions within the memory protection component and is exploitable by any process on the affected device. A patch is available to address this high-severity issue.
Local privilege escalation in Android's mem_protect.c allows unprivileged attackers to achieve full system access through an out-of-bounds write caused by insufficient bounds validation. The vulnerability requires no user interaction and can be exploited immediately upon device compromise by any local process.
Local privilege escalation in Android's pKVM hypervisor initialization allows unprivileged attackers to corrupt memory and gain elevated privileges without user interaction. The vulnerability stems from a logic error in the __pkvm_init_vm function that fails to properly validate memory operations during VM setup. A patch is available to address this high-severity flaw affecting Android devices.
Local privilege escalation in Android's __pkvm_host_share_guest function allows unprivileged attackers to achieve kernel-level code execution through integer overflow-induced out-of-bounds memory writes. The vulnerability requires no user interaction and can be exploited directly from any local context on affected devices. A patch is available to address this high-severity flaw.
The ARM SMMU v3 driver in Android contains a use-after-free vulnerability in the smmu_detach_dev function that could allow a local privileged attacker to execute arbitrary code with system privileges. An attacker with high-level system access can trigger an out-of-bounds write to escalate privileges without requiring user interaction. A patch is available to address this issue.
Local privilege escalation in Android's PermissionManagerServiceImpl allows an attacker to override system permissions through a logic error in the removePermission function. An unprivileged local attacker can exploit this vulnerability with user interaction to gain elevated privileges. No patch is currently available and exploitation requires physical or local access to the device.
Unauthorized information disclosure in Android's Notification.java hasImage method allows local attackers to bypass permission checks and access sensitive data across user accounts without requiring elevated privileges or user interaction. This permissions bypass can lead to local privilege escalation on affected Android devices. No patch is currently available.
MediaProvider on Android lacks proper permission validation in the isRedactionNeededForOpenViaContentResolver function, allowing local attackers to infer the precise locations of media files without requiring special privileges or user interaction. This information disclosure vulnerability affects any application with local access to the device, and while the CVSS score is moderate, no patch is currently available.
Improper permission validation in Android's PackageInstallerService allows a local app to modify its own package ownership without requiring elevated privileges, enabling privilege escalation. An attacker with a malicious app installed on the device can exploit this flaw without user interaction to gain unauthorized access to system resources. No patch is currently available for this vulnerability.
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Android versions up to 14.0 are affected by an authorization bypass through a user-controlled key (CVSS 8.4).
Biometric authentication bypass in Android's BiometricService allows local attackers to enable fingerprint unlock through a logic error, resulting in privilege escalation without requiring user interaction or special permissions. No patch is currently available for this vulnerability.
AppOpsService.java in Android contains insufficient input validation that permits local attackers to trigger persistent denial of service without requiring elevated privileges or user interaction. An attacker can exploit multiple code paths to repeatedly crash or disable the service, degrading system functionality for legitimate users. No patch is currently available for this vulnerability.
Local denial of service in Android's AppOpsService allows unauthenticated attackers to trigger persistent system crashes through improper input validation in the isPackageNullOrSystem function. The vulnerability requires only local access with no special privileges or user interaction, making any app on an affected device a potential attack vector. No patch is currently available.
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Contact information exposure in Android's notification system allows local attackers to extract sensitive user data through a logic error in the setHideSensitive function, requiring no special privileges or user interaction. The vulnerability affects the ExpandableNotificationRow component where contact names can be inadvertently disclosed despite intended privacy protections. No patch is currently available for this medium-severity flaw.
Local privilege escalation in Android's Settings.java enableSystemPackageLPw function allows unauthenticated local attackers to manipulate location access controls through a logic error, requiring no user interaction. An attacker with local access can exploit this vulnerability to gain elevated privileges and bypass location permission enforcement. No patch is currently available for this vulnerability.
Local privilege escalation in Android's DRM manager service allows unprivileged processes to achieve system-level access through an out-of-bounds memory write in the IDrmManagerService transaction handler. The vulnerability requires no user interaction and can be exploited immediately upon execution, making it a direct path to elevated privileges on affected Android devices. No patch is currently available.
Android versions up to 16.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Android versions up to 14.0 are affected by improper restriction of rendered UI layers or frames (CVSS 8.6).
Android has a heap buffer overflow in multiple locations enabling privilege escalation through out-of-bounds read and write operations.
App pinning bypass in Android's KeyguardServiceDelegate allows unauthenticated local attackers to interact with restricted applications without the lock screen knowledge factor (LSKF) due to insufficient permission validation. The vulnerability enables limited information disclosure through unauthorized app access with no additional privileges or user interaction required. No patch is currently available.
Android versions up to 16.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 7.8).
In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
In multiple locations, there is a possible information disclosure due to SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 7.8).
In loadDescription of DeviceAdminInfo.java, there is a possible persistent package due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. [CVSS 5.5 MEDIUM]
In jump_to_payload of payload.rs, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. [CVSS 5.5 MEDIUM]
In multiple functions of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.0 HIGH]
In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.7 HIGH]
In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.3 HIGH]
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 7.4).
In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In VBMeta, there is a possible way to modify and resign VBMeta using a test key, assuming the original image was previously signed with the same key. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
Android MmsProvider has a vulnerability allowing arbitrary file deletion through improper handling of MMS data, potentially causing data loss on mobile devices.
In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. [CVSS 6.2 MEDIUM]
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. [CVSS 6.2 MEDIUM]
In multiple locations, there is a possible way to delete media without the MANAGE_EXTERNAL_STORAGE permission due to an intent redirect. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITE_EXTERNAL_STORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.4 HIGH]
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In multiple locations, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.4 HIGH]
In multiple locations, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect Unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
In UsageEvents of UsageEvents.java, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
Android versions up to 14.0 are affected by cleartext transmission of sensitive information (CVSS 6.5).
In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.8 HIGH]
Android versions up to 14.0 contain a vulnerability that allows local denial of service if a malicious actor has already obtained the System pri (CVSS 4.4).
Local privilege escalation in Android's display module stems from insufficient bounds checking in memory operations, allowing system-level attackers to corrupt memory and gain elevated privileges without user interaction. The vulnerability affects Android devices where an adversary with existing system privileges can exploit this flaw to further escalate their access. No patch is currently available for this issue.
Local privilege escalation in Android's display subsystem exploits a use-after-free memory corruption vulnerability to elevate from system-level privileges, requiring no user interaction. An attacker with pre-existing system access can trigger the memory corruption to gain complete control over the affected device. No patch is currently available to remediate this issue.
Android's display subsystem crashes due to a use-after-free memory error that allows a privileged local attacker to trigger a denial of service without user interaction. Exploitation requires pre-existing system-level access, limiting impact to scenarios where an attacker has already compromised the device at the highest privilege level. No patch is currently available for this vulnerability.
Android's MAE component contains an out-of-bounds write vulnerability due to insufficient bounds checking that enables local privilege escalation for attackers with existing system-level access. This memory corruption flaw requires no user interaction and could allow a privileged malicious actor to achieve arbitrary code execution, though exploitation is currently not publicly documented. No patch is currently available for this vulnerability.
Android versions up to 15.0 contain a vulnerability that allows local escalation of privilege if a malicious actor has already obtained the Syst (CVSS 6.7).
Android's imgsys component is vulnerable to a use-after-free condition that enables local denial of service attacks. Exploitation requires system-level privileges and causes immediate system crashes without user interaction. No patch is currently available for this vulnerability.
Android versions up to 15.0 contain a vulnerability that allows local escalation of privilege if a malicious actor has already obtained the Syst (CVSS 6.4).
Android MAE component is vulnerable to a use-after-free condition that can trigger a system crash, resulting in denial of service for devices where an attacker has already obtained system-level privileges. No user interaction is required for exploitation. Currently, no patch is available for this vulnerability.
Device unique identifiers in the preloader of Openwrt, Android, Yocto, RDK-B, and Zephyr can be read by attackers with physical access due to a logic error, leading to local information disclosure without requiring additional privileges or user interaction. This vulnerability affects multiple embedded and IoT platforms where the preloader executes before operating system initialization. No patch is currently available for this issue.
Android's display component fails to validate buffer boundaries during read operations, allowing a system-privileged attacker to access sensitive memory contents without user interaction. This out-of-bounds read vulnerability enables local information disclosure to any malicious process running with System privileges. No patch is currently available to address this issue.
Improper bounds checking in Android's display subsystem enables local privilege escalation for attackers with system-level access, potentially allowing them to execute arbitrary code with elevated privileges. The vulnerability stems from an out-of-bounds write condition that requires no user interaction to exploit. No patch is currently available for this medium-severity issue.
Android's display subsystem contains a buffer overflow vulnerability stemming from insufficient bounds validation, allowing attackers with system-level privileges to escalate their access further without user interaction. This local privilege escalation affects Android devices and requires an attacker to already possess system privileges, limiting the immediate threat scope. While no patch is currently available, the vulnerability poses a significant risk in multi-user or containerized Android environments where system compromise could lead to complete device control.
Android's display component contains an out-of-bounds write vulnerability due to insufficient bounds checking that could allow a system-privileged attacker to escalate privileges without user interaction. The vulnerability affects devices where an adversary has already obtained system-level access, enabling potential memory corruption and further privilege elevation. No patch is currently available.
Android's display module contains an out-of-bounds write vulnerability due to insufficient bounds validation, enabling local privilege escalation for attackers who already possess System-level access. The vulnerability requires no user interaction and could allow complete system compromise through memory corruption. No patch is currently available for this medium-severity issue.
Android's display component contains an out-of-bounds read vulnerability stemming from insufficient bounds validation, allowing system-privileged attackers to disclose sensitive memory contents without user interaction. The vulnerability requires pre-existing system-level access but poses a high confidentiality risk through local information disclosure. No patch is currently available.
Local privilege escalation in Android's PCIe driver allows system-level attackers to execute arbitrary code through an out-of-bounds write caused by insufficient bounds validation. Exploitation requires pre-existing system privileges but no user interaction, enabling a compromised system component to gain complete device control. No patch is currently available.
Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.
Privilege escalation in RustDesk Client through version 1.4.5 on Windows, macOS, Linux, iOS, and Android allows unauthenticated remote attackers to abuse API sync and configuration management functions. The vulnerability in the rendezvous mediator and HTTP sync modules enables attackers to gain elevated privileges without user interaction. No patch is currently available for affected users.
RustDesk Client through version 1.4.5 uses a broken cryptographic algorithm that allows attackers to retrieve sensitive embedded data during config import, URI scheme handling, or CLI operations across Windows, macOS, Linux, iOS, Android, and web clients. An unauthenticated remote attacker can exploit this vulnerability without user interaction to extract sensitive configuration information. No patch is currently available for this high-severity vulnerability.
Dark Reader is an accessibility browser extension that makes web pages colors dark. The dynamic dark mode feature of the extension works by analyzing the colors of web pages found in CSS style sheet files. [CVSS 3.4 LOW]
Sandbox escape via navigation validation in Chrome before 145.0.7632.159. Patch available.
Google Chrome versions before 145.0.7632.159 contain a heap buffer overflow in the WebCodecs component that enables remote attackers to write data outside allocated memory bounds through malicious HTML pages. An unauthenticated attacker can exploit this vulnerability with minimal user interaction to achieve arbitrary code execution on affected systems. A patch is available in Chrome 145.0.7632.159 and later.
Out-of-bounds memory access in Google Chrome's V8 engine (versions prior to 145.0.7632.159) enables remote attackers to achieve memory corruption through malicious HTML pages without requiring user privileges beyond standard interaction. The vulnerability affects all Chrome users and could potentially lead to information disclosure, data corruption, or code execution depending on memory layout and exploitation context.
Out-of-bounds memory access in Google Chrome's WebAssembly implementation (versions prior to 145.0.7632.159) enables remote attackers to achieve full memory corruption through malicious HTML pages, requiring only user interaction. An attacker can exploit this to read sensitive data, modify memory, or crash the browser with no authentication needed. A patch is available in Chrome 145.0.7632.159 and later.
Out-of-bounds memory read in Google Chrome's CSS implementation (versions prior to 145.0.7632.159) allows network attackers to read sensitive memory contents by tricking users into viewing a malicious HTML page. The vulnerability requires user interaction but carries high impact, enabling information disclosure without authentication or special privileges. A patch is available in Chrome 145.0.7632.159 and later.
Out-of-bounds memory access in Google Chrome's WebAudio component (versions prior to 145.0.7632.159) enables remote attackers to read, modify, or crash the browser by tricking users into visiting malicious web pages. This network-based vulnerability requires no special privileges and affects all Chrome users who interact with untrusted content. A patch is available in Chrome 145.0.7632.159 and later versions.
Heap corruption in Google Chrome's DevTools prior to version 145.0.7632.159 can be triggered through a malicious extension, requiring user installation and interaction. An attacker exploiting this object lifecycle vulnerability could achieve arbitrary code execution with full system privileges. A patch is available in Chrome 145.0.7632.159 and later versions.
Google Chrome's Skia rendering engine contains an integer overflow flaw that enables remote attackers to access out-of-bounds memory when processing malicious HTML pages. Affected users running Chrome versions prior to 145.0.7632.159 could face memory corruption leading to information disclosure, data modification, or denial of service. A security patch is available to remediate this critical vulnerability.
Heap corruption in Chrome's PowerVR graphics driver on Android versions prior to 145.0.7632.159 can be triggered through malicious HTML pages, potentially enabling remote code execution without user interaction beyond visiting a compromised website. The vulnerability stems from improper object lifecycle management and affects all Android users running vulnerable Chrome versions. A patch is available and should be applied immediately given the high exploitation potential.
Google Chrome's ANGLE graphics library before version 145.0.7632.159 contains an integer overflow vulnerability that enables remote attackers to access out-of-bounds memory through malicious HTML pages. An unauthenticated attacker can exploit this flaw by tricking users into visiting a crafted webpage, potentially compromising confidentiality, integrity, and availability. A patch is available in Chrome 145.0.7632.159 and later versions.
F2FS swapfile memory corruption in Linux kernel 6.6+ allows local attackers with user privileges to cause data corruption through improper physical block mapping when using fragmented swapfiles smaller than the F2FS section size. Public exploit code exists for this vulnerability, and attackers can trigger dm-verity corruption errors or F2FS node corruption leading to system crashes and data loss. No patch is currently available.
Improper authorization in Google Cloud Build GitHub Trigger allowing unauthenticated build execution. EPSS 0.19%.
Android versions up to 16.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Android versions up to - contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Local privilege escalation in Android's ffa.c component allows unauthenticated attackers to corrupt memory and gain elevated privileges without user interaction. The vulnerability stems from a logic error in multiple functions and requires only local access to exploit. A patch is available to address this high-severity flaw.
An Android MediaProvider logic error allows local applications to obtain unauthorized read and write access to arbitrary files, enabling privilege escalation without requiring additional permissions or user interaction. This vulnerability affects the createRequest function and permits apps to manipulate file access controls beyond their intended scope. No patch is currently available.
Improper input validation in Android's ManagedServices notification policy handler allows local attackers to escalate privileges without requiring additional permissions or user interaction. An attacker can exploit this flaw to desynchronize notification policies and gain elevated system privileges on the affected device. No patch is currently available for this vulnerability.
A logic error in Android's mem_protect.c enables local attackers to write out-of-bounds memory and escalate privileges without requiring additional permissions or user interaction. This vulnerability affects Android devices and can be exploited by any local user to gain elevated system privileges. A patch is available.
Local privilege escalation in Android's mem_protect.c results from integer overflow conditions that enable out-of-bounds memory writes, allowing unauthenticated local attackers to gain elevated system privileges without user interaction. The vulnerability affects multiple functions within the memory protection component and is exploitable by any process on the affected device. A patch is available to address this high-severity issue.
Local privilege escalation in Android's mem_protect.c allows unprivileged attackers to achieve full system access through an out-of-bounds write caused by insufficient bounds validation. The vulnerability requires no user interaction and can be exploited immediately upon device compromise by any local process.
Local privilege escalation in Android's pKVM hypervisor initialization allows unprivileged attackers to corrupt memory and gain elevated privileges without user interaction. The vulnerability stems from a logic error in the __pkvm_init_vm function that fails to properly validate memory operations during VM setup. A patch is available to address this high-severity flaw affecting Android devices.
Local privilege escalation in Android's __pkvm_host_share_guest function allows unprivileged attackers to achieve kernel-level code execution through integer overflow-induced out-of-bounds memory writes. The vulnerability requires no user interaction and can be exploited directly from any local context on affected devices. A patch is available to address this high-severity flaw.
The ARM SMMU v3 driver in Android contains a use-after-free vulnerability in the smmu_detach_dev function that could allow a local privileged attacker to execute arbitrary code with system privileges. An attacker with high-level system access can trigger an out-of-bounds write to escalate privileges without requiring user interaction. A patch is available to address this issue.
Local privilege escalation in Android's PermissionManagerServiceImpl allows an attacker to override system permissions through a logic error in the removePermission function. An unprivileged local attacker can exploit this vulnerability with user interaction to gain elevated privileges. No patch is currently available and exploitation requires physical or local access to the device.
Unauthorized information disclosure in Android's Notification.java hasImage method allows local attackers to bypass permission checks and access sensitive data across user accounts without requiring elevated privileges or user interaction. This permissions bypass can lead to local privilege escalation on affected Android devices. No patch is currently available.
MediaProvider on Android lacks proper permission validation in the isRedactionNeededForOpenViaContentResolver function, allowing local attackers to infer the precise locations of media files without requiring special privileges or user interaction. This information disclosure vulnerability affects any application with local access to the device, and while the CVSS score is moderate, no patch is currently available.
Improper permission validation in Android's PackageInstallerService allows a local app to modify its own package ownership without requiring elevated privileges, enabling privilege escalation. An attacker with a malicious app installed on the device can exploit this flaw without user interaction to gain unauthorized access to system resources. No patch is currently available for this vulnerability.
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Android versions up to 14.0 are affected by authorization bypass through user-controlled key (CVSS 8.4).
Biometric authentication bypass in Android's BiometricService allows local attackers to enable fingerprint unlock through a logic error, resulting in privilege escalation without requiring user interaction or special permissions. No patch is currently available for this vulnerability.
AppOpsService.java in Android contains insufficient input validation that permits local attackers to trigger persistent denial of service without requiring elevated privileges or user interaction. An attacker can exploit multiple code paths to repeatedly crash or disable the service, degrading system functionality for legitimate users. No patch is currently available for this vulnerability.
Local denial of service in Android's AppOpsService allows unauthenticated attackers to trigger persistent system crashes through improper input validation in the isPackageNullOrSystem function. The vulnerability requires only local access with no special privileges or user interaction, making any app on an affected device a potential attack vector. No patch is currently available.
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Contact information exposure in Android's notification system allows local attackers to extract sensitive user data through a logic error in the setHideSensitive function, requiring no special privileges or user interaction. The vulnerability affects the ExpandableNotificationRow component where contact names can be inadvertently disclosed despite intended privacy protections. No patch is currently available for this medium-severity flaw.
Local privilege escalation in Android's Settings.java enableSystemPackageLPw function allows unauthenticated local attackers to manipulate location access controls through a logic error, requiring no user interaction. An attacker with local access can exploit this vulnerability to gain elevated privileges and bypass location permission enforcement. No patch is currently available for this vulnerability.
Local privilege escalation in Android's DRM manager service allows unprivileged processes to achieve system-level access through an out-of-bounds memory write in the IDrmManagerService transaction handler. The vulnerability requires no user interaction and can be exploited immediately upon execution, making it a direct path to elevated privileges on affected Android devices. No patch is currently available.
Android versions up to 16.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
Android versions up to 14.0 are affected by improper restriction of rendered UI layers or frames (CVSS 8.6).
Android has a heap buffer overflow in multiple locations enabling privilege escalation through out-of-bounds read and write operations.
App pinning bypass in Android's KeyguardServiceDelegate allows unauthenticated local attackers to interact with restricted applications without the lock screen knowledge factor (LSKF) due to insufficient permission validation. The vulnerability enables limited information disclosure through unauthorized app access with no additional privileges or user interaction required. No patch is currently available.
Android versions up to 16.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 7.8).
In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
In multiple locations, there is a possible information disclosure due to SQL injection. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 7.8).
In loadDescription of DeviceAdminInfo.java, there is a possible persistent package due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. [CVSS 5.5 MEDIUM]
In jump_to_payload of payload.rs, there is a possible information disclosure due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. [CVSS 5.5 MEDIUM]
In multiple functions of Nfc.h, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.0 HIGH]
In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.7 HIGH]
In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.3 HIGH]
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 7.4).
In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In VBMeta, there is a possible way to modify and resign VBMeta using a test key, assuming the original image was previously signed with the same key. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
Android MmsProvider has a vulnerability allowing arbitrary file deletion through improper handling of MMS data, potentially causing data loss on mobile devices.
In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In exitKeyguardAndFinishSurfaceBehindRemoteAnimation of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. [CVSS 6.2 MEDIUM]
In multiple functions of ProfilingService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. [CVSS 6.2 MEDIUM]
In multiple locations, there is a possible way to delete media without the MANAGE_EXTERNAL_STORAGE permission due to an intent redirect. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
Android versions up to 14.0 contain a vulnerability that allows local escalation of privilege with no additional execution privileges needed (CVSS 8.4).
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITE_EXTERNAL_STORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.4 HIGH]
In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
In multiple locations, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.4 HIGH]
In multiple locations, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect Unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 7.8 HIGH]
In UsageEvents of UsageEvents.java, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.4 HIGH]
Android versions up to 14.0 are affected by cleartext transmission of sensitive information (CVSS 6.5).
In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. [CVSS 8.8 HIGH]
Android versions up to 14.0 contain a vulnerability that allows local denial of service if a malicious actor has already obtained the System pri (CVSS 4.4).
Local privilege escalation in Android's display module stems from insufficient bounds checking in memory operations, allowing system-level attackers to corrupt memory and gain elevated privileges without user interaction. The vulnerability affects Android devices where an adversary with existing system privileges can exploit this flaw to further escalate their access. No patch is currently available for this issue.
Local privilege escalation in Android's display subsystem exploits a use-after-free memory corruption vulnerability to elevate from system-level privileges, requiring no user interaction. An attacker with pre-existing system access can trigger the memory corruption to gain complete control over the affected device. No patch is currently available to remediate this issue.
Android's display subsystem crashes due to a use-after-free memory error that allows a privileged local attacker to trigger a denial of service without user interaction. Exploitation requires pre-existing system-level access, limiting impact to scenarios where an attacker has already compromised the device at the highest privilege level. No patch is currently available for this vulnerability.
Android's MAE component contains an out-of-bounds write vulnerability due to insufficient bounds checking that enables local privilege escalation for attackers with existing system-level access. This memory corruption flaw requires no user interaction and could allow a privileged malicious actor to achieve arbitrary code execution, though exploitation is currently not publicly documented. No patch is currently available for this vulnerability.
Android versions up to 15.0 contain a vulnerability that allows local escalation of privilege if a malicious actor has already obtained the Syst (CVSS 6.7).
Android's imgsys component is vulnerable to a use-after-free condition that enables local denial of service attacks. Exploitation requires system-level privileges and causes immediate system crashes without user interaction. No patch is currently available for this vulnerability.
Android versions up to 15.0 contain a vulnerability that allows local escalation of privilege if a malicious actor has already obtained the Syst (CVSS 6.4).
Android MAE component is vulnerable to a use-after-free condition that can trigger a system crash, resulting in denial of service for devices where an attacker has already obtained system-level privileges. No user interaction is required for exploitation. Currently, no patch is available for this vulnerability.
Device unique identifiers in the preloader of OpenWrt, Android, Yocto, RDK-B, and Zephyr can be read by attackers with physical access due to a logic error, leading to local information disclosure without requiring additional privileges or user interaction. This vulnerability affects multiple embedded and IoT platforms where the preloader executes before operating system initialization. No patch is currently available for this issue.
Android's display component fails to validate buffer boundaries during read operations, allowing a system-privileged attacker to access sensitive memory contents without user interaction. This out-of-bounds read vulnerability enables local information disclosure to any malicious process running with System privileges. No patch is currently available to address this issue.
Improper bounds checking in Android's display subsystem enables local privilege escalation for attackers with system-level access, potentially allowing them to execute arbitrary code with elevated privileges. The vulnerability stems from an out-of-bounds write condition that requires no user interaction to exploit. No patch is currently available for this medium-severity issue.
Android's display subsystem contains a buffer overflow vulnerability stemming from insufficient bounds validation, allowing attackers with system-level privileges to escalate their access further without user interaction. This local privilege escalation affects Android devices and requires an attacker to already possess system privileges, limiting the immediate threat scope. While no patch is currently available, the vulnerability poses a significant risk in multi-user or containerized Android environments where system compromise could lead to complete device control.
Android's display component contains an out-of-bounds write vulnerability due to insufficient bounds checking that could allow a system-privileged attacker to escalate privileges without user interaction. The vulnerability affects devices where an adversary has already obtained system-level access, enabling potential memory corruption and further privilege elevation. No patch is currently available.
Android's display module contains an out-of-bounds write vulnerability due to insufficient bounds validation, enabling local privilege escalation for attackers who already possess System-level access. The vulnerability requires no user interaction and could allow complete system compromise through memory corruption. No patch is currently available for this medium-severity issue.
Android's display component contains an out-of-bounds read vulnerability stemming from insufficient bounds validation, allowing system-privileged attackers to disclose sensitive memory contents without user interaction. The vulnerability requires pre-existing system-level access but poses a high confidentiality risk through local information disclosure. No patch is currently available.
Local privilege escalation in Android's PCIe driver allows system-level attackers to execute arbitrary code through an out-of-bounds write caused by insufficient bounds validation. Exploitation requires pre-existing system privileges but no user interaction, enabling a compromised system component to gain complete device control. No patch is currently available.