Google Android vulnerabilities
9,713 known vulnerabilities affecting google/android.
Total CVEs
9,713
CISA KEV
49
actively exploited
Public exploits
89
Exploited in wild
44
Severity breakdown
CRITICAL883HIGH5220MEDIUM3343LOW265UNKNOWN2
Vulnerabilities
Page 15 of 486
CVE-2025-48604MEDIUMCVSS 5.5v13.0v14.0+6 more2025-12-08
CVE-2025-48604 [MEDIUM] CWE-862 CVE-2025-48604: In multiple locations, there is a possible way to read files from another user due to a missing perm
In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvdandroid
CVE-2025-48631MEDIUMCVSS 6.5v13.0v14.0+6 more2025-12-08
CVE-2025-48631 [MEDIUM] CWE-400 CVE-2025-48631: In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due
In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2025-48590MEDIUMCVSS 5.5v13.0v14.0+6 more2025-12-08
CVE-2025-48590 [MEDIUM] CWE-400 CVE-2025-48590: In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to preve
In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to prevent dialing emergency services under limited circumstances due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
nvdandroid
CVE-2025-20767HIGHCVSS 7.8v14.0v15.0+1 more2025-12-02
CVE-2025-20767 [HIGH] CWE-787 CVE-2025-20767: In display, there is a possible out of bounds write due to an integer overflow. This could lead to l
In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4807.
nvd
CVE-2025-20766HIGHCVSS 7.8v14.0v15.0+1 more2025-12-02
CVE-2025-20766 [HIGH] CWE-457 CVE-2025-20766: In display, there is a possible memory corruption due to improper input validation. This could lead
In display, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4820.
nvd
CVE-2025-20768HIGHCVSS 7.8v14.0v15.0+1 more2025-12-02
CVE-2025-20768 [HIGH] CWE-125 CVE-2025-20768: In display, there is a possible out of bounds read due to a missing bounds check. This could lead to
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4805.
nvd
CVE-2025-20763HIGHCVSS 7.8v14.0v15.0+1 more2025-12-02
CVE-2025-20763 [HIGH] CWE-787 CVE-2025-20763: In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to
In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267218; Issue ID: MSV-5032.
nvd
CVE-2025-20764HIGHCVSS 7.8v14.0v15.0+1 more2025-12-02
CVE-2025-20764 [HIGH] CWE-787 CVE-2025-20764: In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to lo
In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029.
nvd
CVE-2025-20771MEDIUMCVSS 6.7v14.0v15.0+1 more2025-12-02
CVE-2025-20771 [MEDIUM] CWE-457 CVE-2025-20771: In display, there is a possible escalation of privilege due to improper input validation. This could
In display, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4802.
nvd
CVE-2025-20776MEDIUMCVSS 6.7v14.0v15.0+1 more2025-12-02
CVE-2025-20776 [MEDIUM] CWE-125 CVE-2025-20776: In display, there is a possible out of bounds read due to a missing bounds check. This could lead to
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184297; Issue ID: MSV-4759.
nvd
CVE-2025-20765MEDIUMCVSS 4.7v14.0v15.0+1 more2025-12-02
CVE-2025-20765 [MEDIUM] CWE-362 CVE-2025-20765: In aee daemon, there is a possible system crash due to a race condition. This could lead to local de
In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10190802; Issue ID: MSV-4833.
nvd
CVE-2025-20773MEDIUMCVSS 6.7v14.0v15.0+1 more2025-12-02
CVE-2025-20773 [MEDIUM] CWE-416 CVE-2025-20773: In display, there is a possible memory corruption due to use after free. This could lead to local es
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4797.
nvd
CVE-2025-20777MEDIUMCVSS 6.7v14.0v15.0+1 more2025-12-02
CVE-2025-20777 [MEDIUM] CWE-787 CVE-2025-20777: In display, there is a possible out of bounds write due to a missing bounds check. This could lead t
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184870; Issue ID: MSV-4752.
nvd
CVE-2025-20788MEDIUMCVSS 4.4v15.02025-12-02
CVE-2025-20788 [MEDIUM] CWE-1262 CVE-2025-20788: In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lea
In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117735; Issue ID: MSV-4539.
nvd
CVE-2025-20769MEDIUMCVSS 6.7v14.0v15.0+1 more2025-12-02
CVE-2025-20769 [MEDIUM] CWE-121 CVE-2025-20769: In display, there is a possible out of bounds write due to a missing bounds check. This could lead t
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4804.
nvd
CVE-2025-20770MEDIUMCVSS 6.7v14.0v15.0+1 more2025-12-02
CVE-2025-20770 [MEDIUM] CWE-416 CVE-2025-20770: In display, there is a possible memory corruption due to use after free. This could lead to local es
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4803.
nvd
CVE-2025-20775MEDIUMCVSS 6.7v14.0v15.0+1 more2025-12-02
CVE-2025-20775 [MEDIUM] CWE-416 CVE-2025-20775: In display, there is a possible memory corruption due to use after free. This could lead to local es
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.
nvd
CVE-2025-20774MEDIUMCVSS 6.7v14.0v15.0+1 more2025-12-02
CVE-2025-20774 [MEDIUM] CWE-122 CVE-2025-20774: In display, there is a possible out of bounds write due to a missing bounds check. This could lead t
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4796.
nvd
CVE-2025-20772MEDIUMCVSS 6.7v14.0v15.0+1 more2025-12-02
CVE-2025-20772 [MEDIUM] CWE-416 CVE-2025-20772: In display, there is a possible memory corruption due to use after free. This could lead to local es
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4795.
nvd
CVE-2025-20789MEDIUMCVSS 4.4v15.02025-12-02
CVE-2025-20789 [MEDIUM] CWE-201 CVE-2025-20789: In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could le
In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117741; Issue ID: MSV-4538.
nvd