Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-20385
a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is GSCAN_MAX), then it access polciy array 'policy[type]', which OOB access happens.Product: A...
Google Android -
9.8
CVSSv3
CVE-2022-20387
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227324
Google Android -
9.8
CVSSv3
CVE-2022-20388
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227323
Google Android -
9.8
CVSSv3
CVE-2022-20391
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257000
Google Android -
9.8
CVSSv3
CVE-2022-20386
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227328
Google Android -
9.8
CVSSv3
CVE-2022-20389
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257004
Google Android -
9.8
CVSSv3
CVE-2022-20390
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257002
Google Android -
9.8
CVSSv3
CVE-2021-0942
The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:sPA.uiAddr = page_to_phys(psOSPageArrayData->pagearray[ui32PageIndex]);With the current PoC this crashes as an OOB read...
Google Android -
9.8
CVSSv3
CVE-2022-26447
In BT firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784478; Issue ID: ALPS06784478.
Google Android 10.0
Google Android 11.0
Google Android 12.0
Yoctoproject Yocto 3.1
9.8
CVSSv3
CVE-2022-20122
The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: AndroidVersions: Android SoCAndroid ...
Google Android -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »