Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android api vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2022-20442
In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is ne...
Google Android 10.0
Google Android 11.0
Google Android 12.0
4.4
CVSSv3
CVE-2021-25411
Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local malicious users to write read-only kernel memory.
Google Android 10.0
Google Android 11.0
6.7
CVSSv3
CVE-2022-26461
In vow, there is a possible undefined behavior due to an API misuse. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032604; Issue ID: ALPS07032604.
Google Android 11.0
Google Android 12.0
NA
CVE-2012-4907
Google Chrome prior to 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote malicious users to have an unspecified impact via a crafted web page.
Google Chrome
7.8
CVSSv3
CVE-2014-9960
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.
Google Android
7.8
CVSSv3
CVE-2015-9030
In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication.
Google Android
7.8
CVSSv3
CVE-2015-9023
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.
Google Android
9.8
CVSSv3
CVE-2015-9040
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in a GERAN API.
Google Android
9.8
CVSSv3
CVE-2014-4959
**DISPUTED** SQL injection vulnerability in SQLiteDatabase.java in the SQLi Api in Android allows remote malicious users to execute arbitrary SQL commands via the delete method.
Google Android -
7.8
CVSSv3
CVE-2017-11074
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is an obsolete set/reset ssid hotlist API.
Google Android -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »