Google Android vulnerabilities
9,646 known vulnerabilities affecting google/android.
Total CVEs
9,646
CISA KEV
48
actively exploited
Public exploits
89
Exploited in wild
44
Severity breakdown
CRITICAL883HIGH5184MEDIUM3317LOW260UNKNOWN2
Vulnerabilities
Page 71 of 483
CVE-2024-25990MEDIUMCVSS 6.4v13.0v132024-03-11
CVE-2024-25990 [MEDIUM] CWE-269 CVE-2024-25990: In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of bound
In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-27223MEDIUMCVSS 5.1v13.0v132024-03-11
CVE-2024-27223 [MEDIUM] CWE-125 CVE-2024-27223: In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bo
In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure after authenticating the cell connection with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-25989MEDIUMCVSS 5.9v13.0v132024-03-11
CVE-2024-25989 [MEDIUM] CWE-125 CVE-2024-25989: In gpu_slc_liveness_update of pixel_gpu_slc.c, there is a possible out of bounds read due to a missi
In gpu_slc_liveness_update of pixel_gpu_slc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-27237MEDIUMCVSS 5.5v132024-03-11
CVE-2024-27237 [MEDIUM] CWE-131 CVE-2024-27237: In wipe_ns_memory of nsmemwipe.c, there is a possible incorrect size calculation due to a logic erro
In wipe_ns_memory of nsmemwipe.c, there is a possible incorrect size calculation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-27218MEDIUMCVSS 5.5v132024-03-11
CVE-2024-27218 [MEDIUM] CWE-125 CVE-2024-27218: In update_freq_data of , there is a possible out of bounds read due to a missing bounds check. This
In update_freq_data of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-0052LOWCVSS 3.3v14.0v142024-03-11
CVE-2024-0052 [LOW] CWE-862 CVE-2024-0052: In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a
In multiple functions of healthconnect, there is a possible leakage of exercise route data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvdandroid
CVE-2024-25991LOWCVSS 3.3v13.0v132024-03-11
CVE-2024-25991 [LOW] CWE-125 CVE-2024-25991: In acpm_tmu_ipc_handler of tmu_plugin.c, there is a possible out of bounds read due to a missing bou
In acpm_tmu_ipc_handler of tmu_plugin.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2024-0053LOWCVSS 3.3v12.0v12.1+6 more2024-03-11
CVE-2024-0053 [LOW] CWE-497 CVE-2024-0053: In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's im
In getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvdandroid
CVE-2024-20029HIGHCVSS 8.4v13.0v14.02024-03-04
CVE-2024-20029 [HIGH] CWE-787 CVE-2024-20029: In wlan firmware, there is a possible out of bounds write due to improper input validation. This cou
In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477406; Issue ID: MSV-1010.
nvd
CVE-2024-20027HIGHCVSS 7.9v12.0v13.0+1 more2024-03-04
CVE-2024-20027 [HIGH] CWE-787 CVE-2024-20027: In da, there is a possible out of bounds write due to improper input validation. This could lead to
In da, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541633.
nvdandroid
CVE-2024-20005HIGHCVSS 8.2v12.0v13.0+1 more2024-03-04
CVE-2024-20005 [HIGH] CWE-276 CVE-2024-20005: In da, there is a possible permission bypass due to a missing permission check. This could lead to l
In da, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355599; Issue ID: ALPS08355599.
nvdandroid
CVE-2024-20034HIGHCVSS 7.2v12.0v13.0+1 more2024-03-04
CVE-2024-20034 [HIGH] CWE-20 CVE-2024-20034: In battery, there is a possible escalation of privilege due to a missing bounds check. This could le
In battery, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08488849; Issue ID: ALPS08488849.
nvd
CVE-2024-20023MEDIUMCVSS 6.7v12.0v13.0+1 more2024-03-04
CVE-2024-20023 [MEDIUM] CWE-787 CVE-2024-20023: In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to loc
In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638.
nvdandroid
CVE-2024-20030MEDIUMCVSS 4.4v12.0v13.0+1 more2024-03-04
CVE-2024-20030 [MEDIUM] CVE-2024-20030: In da, there is a possible information disclosure due to improper input validation. This could lead
In da, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541741.
nvd
CVE-2024-20033MEDIUMCVSS 4.4v12.0v13.0+1 more2024-03-04
CVE-2024-20033 [MEDIUM] CWE-787 CVE-2024-20033: In nvram, there is a possible information disclosure due to a missing bounds check. This could lead
In nvram, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08499945; Issue ID: ALPS08499945.
nvd
CVE-2024-20025MEDIUMCVSS 6.7v12.0v13.0+1 more2024-03-04
CVE-2024-20025 [MEDIUM] CWE-190 CVE-2024-20025: In da, there is a possible out of bounds write due to an integer overflow. This could lead to local
In da, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541686; Issue ID: ALPS08541686.
nvdandroid
CVE-2024-20031MEDIUMCVSS 6.7v12.0v13.0+1 more2024-03-04
CVE-2024-20031 [MEDIUM] CWE-787 CVE-2024-20031: In da, there is a possible out of bounds write due to lack of valudation. This could lead to local e
In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541742.
nvd
CVE-2024-20022MEDIUMCVSS 6.7v12.0v13.0+1 more2024-03-04
CVE-2024-20022 [MEDIUM] CWE-125 CVE-2024-20022: In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to
In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255.
nvdandroid
CVE-2024-20026MEDIUMCVSS 4.2v12.0v13.0+1 more2024-03-04
CVE-2024-20026 [MEDIUM] CVE-2024-20026: In da, there is a possible information disclosure due to improper input validation. This could lead
In da, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541632.
nvdandroid
CVE-2024-20028MEDIUMCVSS 6.6v12.0v13.0+1 more2024-03-04
CVE-2024-20028 [MEDIUM] CWE-787 CVE-2024-20028: In da, there is a possible out of bounds write due to lack of valudation. This could lead to local e
In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541687.
nvdandroid