ReportizFlow
Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
9072 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0038 | 1 Google | 1 Android | 2026-04-17 | 8.4 High |
| In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-30792 | 6 Apple, Google, Linux and 3 more | 7 Iphone Os, Macos, Android and 4 more | 2026-04-17 | 8.1 High |
| A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options(). This issue affects RustDesk Client: through 1.4.5. | ||||
| CVE-2026-30793 | 6 Apple, Google, Linux and 3 more | 7 Iphone Os, Macos, Android and 4 more | 2026-04-17 | 9.8 Critical |
| Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.Dart, src/flutter_ffi.Rs and program routines URI handler for rustdesk://password/, bind.MainSetPermanentPassword(). This issue affects RustDesk Client: through 1.4.5. | ||||
| CVE-2026-0110 | 1 Google | 1 Android | 2026-04-17 | 9.8 Critical |
| In MM_DATA_IND of cn_NrSmMsgHdlrFromMM.cpp, there is a possible EoP due to memory corruption. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-20410 | 2 Google, Mediatek | 6 Android, Mt6897, Mt6989 and 3 more | 2026-04-16 | 6.7 Medium |
| In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362552; Issue ID: MSV-5760. | ||||
| CVE-2026-20413 | 2 Google, Mediatek | 5 Android, Mt6899, Mt6991 and 2 more | 2026-04-16 | 6.7 Medium |
| In imgsys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10362725; Issue ID: MSV-5694. | ||||
| CVE-2026-20425 | 2 Google, Mediatek | 30 Android, Mt6739, Mt6761 and 27 more | 2026-04-16 | 6.7 Medium |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5539. | ||||
| CVE-2026-20426 | 2 Google, Mediatek | 30 Android, Mt6739, Mt6761 and 27 more | 2026-04-16 | 6.7 Medium |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5538. | ||||
| CVE-2026-20427 | 2 Google, Mediatek | 30 Android, Mt6739, Mt6761 and 27 more | 2026-04-16 | 6.7 Medium |
| In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5537. | ||||
| CVE-2026-20428 | 2 Google, Mediatek | 30 Android, Mt6739, Mt6761 and 27 more | 2026-04-16 | 6.7 Medium |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5536. | ||||
| CVE-2026-20438 | 2 Google, Mediatek | 12 Android, Mt2718, Mt6899 and 9 more | 2026-04-16 | 6.4 Medium |
| In MAE, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10431920; Issue ID: MSV-5835. | ||||
| CVE-2026-20442 | 2 Google, Mediatek | 47 Android, Mt6739, Mt6761 and 44 more | 2026-04-16 | 4.4 Medium |
| In display, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5723. | ||||
| CVE-2026-20443 | 2 Google, Mediatek | 47 Android, Mt6739, Mt6761 and 44 more | 2026-04-16 | 6.7 Medium |
| In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436998; Issue ID: MSV-5722. | ||||
| CVE-2026-20424 | 2 Google, Mediatek | 6 Android, Mt6991, Mt6993 and 3 more | 2026-04-16 | 4.4 Medium |
| In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10320471; Issue ID: MSV-5540. | ||||
| CVE-2026-20445 | 2 Google, Mediatek | 24 Android, Mt6835, Mt6855 and 21 more | 2026-04-16 | 4.4 Medium |
| In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10289875; Issue ID: MSV-5184. | ||||
| CVE-2026-20416 | 2 Google, Mediatek | 5 Android, Mt6991, Mt6993 and 2 more | 2026-04-16 | 7.2 High |
| In pcie, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315038 / ALPS10340155; Issue ID: MSV-5155. | ||||
| CVE-2026-0005 | 1 Google | 1 Android | 2026-04-16 | 6.2 Medium |
| In onServiceDisconnected of KeyguardServiceDelegate.java, there is a possible partial bypass of app pinning allowing limited interaction with other apps without knowing the LSKF due to a missing permission check. This could lead to local information disclosure where the extent of interaction and impact is app-dependent with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0006 | 1 Google | 1 Android | 2026-04-16 | 9.8 Critical |
| In multiple locations, there is a possible out of bounds read and write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0008 | 1 Google | 1 Android | 2026-04-16 | 8.4 High |
| In multiple locations, there is a possible privilege escalation due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0010 | 1 Google | 1 Android | 2026-04-16 | 8.4 High |
| In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||