Google Android vulnerabilities

9,713 known vulnerabilities affecting google/android.

Total CVEs

9,713

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL883HIGH5220MEDIUM3343LOW265UNKNOWN2

Vulnerabilities

Page 18 of 486

CVE-2025-6573HIGHCVSS 9.82025-12-01

CVE-2025-6573 [CRITICAL] CVE-2025-6573: PowerVR-GPU Android Security Bulletin 2025-12-01 CVE: CVE-2025-6573 Severity: HIGH Component: PowerVR-GPU References: A-384999601*

android

CVE-2025-20727HIGHCVSS 8.12025-12-01

CVE-2025-20727 [HIGH] CVE-2025-20727: Modem Android Security Bulletin 2025-12-01 CVE: CVE-2025-20727 Severity: HIGH Component: Modem References: A-442295794M-MOLY01672601*

android

CVE-2025-61608HIGHCVSS 7.5v13.0v14.0+2 more2025-12-01

CVE-2025-61608 [HIGH] CVE-2025-61608: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

nvdandroid

CVE-2025-61618HIGHCVSS 7.5v13.0v14.0+2 more2025-12-01

CVE-2025-61618 [HIGH] CVE-2025-61618: In nr modem, there is a possible system crash due to improper input validation. This could lead to r In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed

nvdandroid

CVE-2025-8045HIGHCVSS 4.02025-12-01

CVE-2025-8045 [MEDIUM] CVE-2025-8045: Mali Android Security Bulletin 2025-12-01 CVE: CVE-2025-8045 Severity: HIGH Component: Mali References: A-443063131*

android

CVE-2025-20751HIGHCVSS 6.52025-12-01

CVE-2025-20751 [MEDIUM] CVE-2025-20751: Modem Android Security Bulletin 2025-12-01 CVE: CVE-2025-20751 Severity: HIGH Component: Modem References: A-445793670M-MOLY01661195*

android

CVE-2025-20791HIGHCVSS 6.52025-12-01

CVE-2025-20791 [MEDIUM] CVE-2025-20791: Modem Android Security Bulletin 2025-12-01 CVE: CVE-2025-20791 Severity: HIGH Component: Modem References: A-445785199M-MOLY01661189*

android

CVE-2025-20792HIGHCVSS 5.32025-12-01

CVE-2025-20792 [MEDIUM] CVE-2025-20792: Modem Android Security Bulletin 2025-12-01 CVE: CVE-2025-20792 Severity: HIGH Component: Modem References: A-446071856M-MOLY01717526*

android

CVE-2025-20790HIGHCVSS 5.32025-12-01

CVE-2025-20790 [MEDIUM] CVE-2025-20790: Modem Android Security Bulletin 2025-12-01 CVE: CVE-2025-20790 Severity: HIGH Component: Modem References: A-445775436M-MOLY01677581*

android

CVE-2025-38500MEDIUMCVSS 7.82025-12-01

CVE-2025-38500 [HIGH] CVE-2025-38500: XFRM Android Security Bulletin 2025-12-01 CVE: CVE-2025-38500 Severity: MEDIUM Type: EoP Component: XFRM References: A-436201996Upstream kernel [2]

android

CVE-2025-48593HIGHCVSS 8.0v13.0v14.0+6 more2025-11-18

CVE-2025-48593 [HIGH] CWE-416 CVE-2025-48593: In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

nvdandroid

CVE-2025-20746MEDIUMCVSS 6.7v14.0v15.02025-11-04

CVE-2025-20746 [MEDIUM] CWE-121 CVE-2025-20746: In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This coul In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010441; Issue ID: MSV-3967.

nvd

CVE-2025-20749MEDIUMCVSS 6.7v14.0v15.0+1 more2025-11-04

CVE-2025-20749 [MEDIUM] CWE-121 CVE-2025-20749: In charger, there is a possible out of bounds write due to a missing bounds check. This could lead t In charger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915493; Issue ID: MSV-3800.

nvd

CVE-2025-20744MEDIUMCVSS 4.2v13.0v14.0+2 more2025-11-04

CVE-2025-20744 [MEDIUM] CWE-416 CVE-2025-20744: In pda, there is a possible escalation of privilege due to use after free. This could lead to local In pda, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10127160; Issue ID: MSV-4542.

nvd

CVE-2025-20743MEDIUMCVSS 4.2v14.0v15.0+1 more2025-11-04

CVE-2025-20743 [MEDIUM] CWE-416 CVE-2025-20743: In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to loc In clkdbg, there is a possible escalation of privilege due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10136671; Issue ID: MSV-4651.

nvd

CVE-2025-20745MEDIUMCVSS 4.2v13.0v14.0+1 more2025-11-04

CVE-2025-20745 [MEDIUM] CWE-416 CVE-2025-20745: In apusys, there is a possible memory corruption due to use after free. This could lead to local esc In apusys, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10095441; Issue ID: MSV-4294.

nvd

CVE-2025-20730MEDIUMCVSS 6.7v13.0v14.0+2 more2025-11-04

CVE-2025-20730 [MEDIUM] CWE-287 CVE-2025-20730: In preloader, there is a possible escalation of privilege due to an insecure default value. This cou In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10068463; Issue ID: MSV-4141.

nvdandroid

CVE-2025-20747MEDIUMCVSS 6.7v14.0v15.02025-11-04

CVE-2025-20747 [MEDIUM] CWE-121 CVE-2025-20747: In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This coul In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010443; Issue ID: MSV-3966.

nvd

CVE-2025-20721HIGHCVSS 7.8v13.0v14.0+2 more2025-10-14

CVE-2025-20721 [HIGH] CWE-787 CVE-2025-20721: In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10089545; Issue ID: MSV-4279.

nvd

CVE-2025-20723HIGHCVSS 7.8v14.0v15.02025-10-14

CVE-2025-20723 [HIGH] CWE-787 CVE-2025-20723: In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. This could In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09920033; Issue ID: MSV-3797.

nvd

← Previous18 / 486Next →