Google Android vulnerabilities
9,646 known vulnerabilities affecting google/android.
Total CVEs
9,646
CISA KEV
48
actively exploited
Public exploits
89
Exploited in wild
44
Severity breakdown
CRITICAL883HIGH5184MEDIUM3317LOW260UNKNOWN2
Vulnerabilities
Page 65 of 483
CVE-2023-52343MEDIUMCVSS 5.5v12.0v13.0+1 more2024-04-08
CVE-2023-52343 [MEDIUM] CWE-1284 CVE-2023-52343: In SecurityCommand message after as security has been actived., there is a possible improper input v
In SecurityCommand message after as security has been actived., there is a possible improper input validation. This could lead to remote information disclosure no additional execution privileges needed
nvd
CVE-2024-23658MEDIUMCVSS 4.4v12.0v13.0+1 more2024-04-08
CVE-2024-23658 [MEDIUM] CWE-416 CVE-2024-23658: In camera driver, there is a possible use after free due to a logic error. This could lead to local
In camera driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed
nvd
CVE-2023-52352MEDIUMCVSS 5.5v13.0v14.02024-04-08
CVE-2023-52352 [MEDIUM] CWE-862 CVE-2023-52352: In Network Adapter Service, there is a possible missing permission check. This could lead to local d
In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
nvd
CVE-2023-52344MEDIUMCVSS 5.3v12.0v13.0+1 more2024-04-08
CVE-2023-52344 [MEDIUM] CWE-476 CVE-2023-52344: In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This c
In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed
nvd
CVE-2023-52348MEDIUMCVSS 4.4v12.0v13.0+1 more2024-04-08
CVE-2023-52348 [MEDIUM] CWE-787 CVE-2023-52348: In ril service, there is a possible out of bounds write due to a missing bounds check. This could le
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
nvd
CVE-2023-52535MEDIUMCVSS 4.4v12.0v13.02024-04-08
CVE-2023-52535 [MEDIUM] CWE-20 CVE-2023-52535: In vsp driver, there is a possible missing verification incorrect input. This could lead to local de
In vsp driver, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed
nvd
CVE-2023-52533MEDIUMCVSS 5.3v12.0v13.0+1 more2024-04-08
CVE-2023-52533 [MEDIUM] CWE-475 CVE-2023-52533: In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This c
In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed
nvd
CVE-2023-52345MEDIUMCVSS 6.0v12.0v13.0+1 more2024-04-08
CVE-2023-52345 [MEDIUM] CWE-922 CVE-2023-52345: In modem driver, there is a possible system crash due to improper input validation. This could lead
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
nvd
CVE-2023-52349MEDIUMCVSS 4.4v12.0v13.0+1 more2024-04-08
CVE-2023-52349 [MEDIUM] CWE-787 CVE-2023-52349: In ril service, there is a possible out of bounds write due to a missing bounds check. This could le
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
nvd
CVE-2023-52534MEDIUMCVSS 5.9v12.0v13.0+1 more2024-04-08
CVE-2023-52534 [MEDIUM] CWE-754 CVE-2023-52534: In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to
In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed
nvd
CVE-2023-52350MEDIUMCVSS 4.4v12.0v13.0+1 more2024-04-08
CVE-2023-52350 [MEDIUM] CWE-787 CVE-2023-52350: In ril service, there is a possible out of bounds write due to a missing bounds check. This could le
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
nvd
CVE-2023-52347MEDIUMCVSS 5.5v12.0v13.0+1 more2024-04-08
CVE-2023-52347 [MEDIUM] CWE-787 CVE-2023-52347: In ril service, there is a possible out of bounds write due to a missing bounds check. This could le
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
nvd
CVE-2023-52536MEDIUMCVSS 4.4v12.0v13.0+1 more2024-04-08
CVE-2023-52536 [MEDIUM] CWE-125 CVE-2023-52536: In faceid service, there is a possible out of bounds read due to a missing bounds check. This could
In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
nvd
CVE-2024-29756CRITICALCVSS 9.8vAndroid kernel2024-04-05
CVE-2024-29756 [CRITICAL] CWE-121 CVE-2024-29756: In afe_callback of q6afe.c, there is a possible out of bounds write due to a buffer overflow. This c
In afe_callback of q6afe.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-29748HIGHCVSS 7.8KEVfixed in 2024-04-05vAndroid kernel2024-04-05
CVE-2024-29748 [HIGH] CWE-755 CVE-2024-29748: there is a possible way to bypass due to a logic error in the code. This could lead to local escala
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
nvd
CVE-2024-29746HIGHCVSS 8.4vAndroid kernel2024-04-05
CVE-2024-29746 [HIGH] CWE-787 CVE-2024-29746: In lpm_req_handler of lpm.c, there is a possible out of bounds write due to improper input validatio
In lpm_req_handler of lpm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-29757HIGHCVSS 7.3vAndroid kernel2024-04-05
CVE-2024-29757 [HIGH] CWE-287 CVE-2024-29757: there is a possible permission bypass due to Debug certs being allowlisted. This could lead to local
there is a possible permission bypass due to Debug certs being allowlisted. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-29743HIGHCVSS 7.7vAndroid kernel2024-04-05
CVE-2024-29743 [HIGH] CWE-787 CVE-2024-29743: In tmu_set_temp_lut of tmu.c, there is a possible out of bounds write due to a missing bounds check.
In tmu_set_temp_lut of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-29749HIGHCVSS 8.4vAndroid kernel2024-04-05
CVE-2024-29749 [HIGH] CWE-787 CVE-2024-29749: In tmu_set_tr_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds c
In tmu_set_tr_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-29741HIGHCVSS 7.8vAndroid kernel2024-04-05
CVE-2024-29741 [HIGH] CWE-269 CVE-2024-29741: In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code
In pblS2mpuResume of s2mpu.c, there is a possible mitigation bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd