Google Android vulnerabilities
9,646 known vulnerabilities affecting google/android.
Total CVEs
9,646
CISA KEV
48
actively exploited
Public exploits
89
Exploited in wild
44
Severity breakdown
CRITICAL883HIGH5184MEDIUM3317LOW260UNKNOWN2
Vulnerabilities
Page 32 of 483
CVE-2024-53150HIGHCVSS 7.1KEV2025-04-01
CVE-2024-53150 [HIGH] CVE-2024-53150: USB
Android Security Bulletin 2025-04-01
CVE: CVE-2024-53150
Severity: HIGH
Type: ID
Component: USB
References: A-382239029
Upstream kernel
[2]
android
CVE-2024-53197HIGHCVSS 7.8KEV2025-04-01
CVE-2024-53197 [HIGH] CVE-2024-53197: USB
Android Security Bulletin 2025-04-01
CVE: CVE-2024-53197
Severity: HIGH
Type: EoP
Component: USB
References: A-382243530
Upstream kernel
[2]
android
CVE-2024-50264HIGHCVSS 7.82025-04-01
CVE-2024-50264 [HIGH] CVE-2024-50264: Net
Android Security Bulletin 2025-04-01
CVE: CVE-2024-50264
Severity: HIGH
Type: EoP
Component: Net
References: A-378870958
Upstream kernel
android
CVE-2024-56556HIGHCVSS 7.02025-04-01
CVE-2024-56556 [HIGH] CVE-2024-56556: Binder
Android Security Bulletin 2025-04-01
CVE: CVE-2024-56556
Severity: HIGH
Type: EoP
Component: Binder
References: A-380855429
Upstream kernel
[2]
android
CVE-2024-45549HIGHCVSS 7.72025-04-01
CVE-2024-45549 [HIGH] CVE-2024-45549: Closed-source component
Android Security Bulletin 2025-04-01
CVE: CVE-2024-45549
Severity: HIGH
Component: Closed-source component
References: A-372002818
*
android
CVE-2024-47895HIGHCVSS 7.12025-04-01
CVE-2024-47895 [HIGH] CVE-2024-47895: PowerVR-GPU
Android Security Bulletin 2025-04-01
CVE: CVE-2024-47895
Severity: HIGH
Component: PowerVR-GPU
References: A-380296167
*
android
CVE-2024-56192HIGHCVSS 7.8vunknown2025-03-10
CVE-2024-56192 [HIGH] CWE-281 CVE-2024-56192: In wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of bounds write due to a missing b
In wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-56191HIGHCVSS 8.4vunknown2025-03-10
CVE-2024-56191 [HIGH] CWE-281 CVE-2024-56191: In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. T
In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-56186MEDIUMCVSS 5.1vAndroid kernel2025-03-10
CVE-2024-56186 [MEDIUM] CWE-125 CVE-2024-56186: In closeChannel of secureelementimpl.cpp, there is a possible out of bounds read due to an incorrect
In closeChannel of secureelementimpl.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-56185MEDIUMCVSS 5.1vAndroid kernel2025-03-10
CVE-2024-56185 [MEDIUM] CWE-125 CVE-2024-56185: In ProtocolUnsolOnSSAdapter::GetServiceClass() of protocolcalladapter.cpp, there is a possible out-o
In ProtocolUnsolOnSSAdapter::GetServiceClass() of protocolcalladapter.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation.
nvd
CVE-2024-56187MEDIUMCVSS 6.6vAndroid kernel2025-03-10
CVE-2024-56187 [MEDIUM] CWE-125 CVE-2024-56187: In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to
In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to a logic error in the code. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-56184MEDIUMCVSS 5.1vAndroid kernel2025-03-10
CVE-2024-56184 [MEDIUM] CWE-125 CVE-2024-56184: In static long dev_send of tipc_dev_ql, there is a possible out of bounds read due to an incorrect b
In static long dev_send of tipc_dev_ql, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-56188MEDIUMCVSS 5.1vAndroid kernel2025-03-10
CVE-2024-56188 [MEDIUM] CWE-476 CVE-2024-56188: there is a possible way to crash the modem due to a missing null check. This could lead to remote de
there is a possible way to crash the modem due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2025-20645HIGHCVSS 7.8v14.0v15.02025-03-03
CVE-2025-20645 [HIGH] CWE-787 CVE-2025-20645: In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lea
In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09475476; Issue ID: MSV-2599.
nvdandroid
CVE-2025-20648MEDIUMCVSS 5.5v13.0v14.0+1 more2025-03-03
CVE-2025-20648 [MEDIUM] CWE-125 CVE-2025-20648: In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to loc
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09456673; Issue ID: MSV-2584.
nvd
CVE-2025-20650MEDIUMCVSS 6.8v13.0v14.0+1 more2025-03-03
CVE-2025-20650 [MEDIUM] CWE-787 CVE-2025-20650: In da, there is a possible out of bounds write due to a missing bounds check. This could lead to loc
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2061.
nvd
CVE-2025-20652MEDIUMCVSS 4.6v13.0v14.0+1 more2025-03-03
CVE-2025-20652 [MEDIUM] CWE-125 CVE-2025-20652: In V5 DA, there is a possible out of bounds read due to a missing bounds check. This could lead to l
In V5 DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291215; Issue ID: MSV-2052.
nvd
CVE-2025-20653MEDIUMCVSS 6.5v13.0v14.0+1 more2025-03-03
CVE-2025-20653 [MEDIUM] CWE-190 CVE-2025-20653: In da, there is a possible out of bounds read due to an integer overflow. This could lead to local i
In da, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291064; Issue ID: MSV-2046.
nvd
CVE-2025-20651MEDIUMCVSS 4.1v13.0v14.0+1 more2025-03-03
CVE-2025-20651 [MEDIUM] CWE-125 CVE-2025-20651: In da, there is a possible out of bounds read due to a missing bounds check. This could lead to loca
In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2062.
nvd
CVE-2025-20644HIGHCVSS 6.52025-03-01
CVE-2025-20644 [MEDIUM] CVE-2025-20644: Modem
Android Security Bulletin 2025-03-01
CVE: CVE-2025-20644
Severity: HIGH
Component: Modem
References: A-386727712
MOLY01525673
*
android