Export limit exceeded: 360854 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (60 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-36901 | 1 Google | 2 Android, Pixel | 2026-02-26 | 8.8 High |
| WLAN in Android before 2025-09-05 on Google Pixel devices allows elevation of privilege, aka A-396462223. | ||||
| CVE-2024-49731 | 1 Google | 2 Android, Pixel Watch | 2026-02-26 | 4 Medium |
| In apk-versions.txt, there is a possible corruption of telemetry opt-in settings on other watches when setting up a new Pixel Watch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2023-45866 | 7 Apple, Bluproducts, Canonical and 4 more | 17 Ipados, Iphone Os, Iphone Se and 14 more | 2025-11-04 | 6.3 Medium |
| Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. | ||||
| CVE-2024-29748 | 1 Google | 2 Android, Pixel | 2025-10-24 | 7.8 High |
| there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2024-44098 | 1 Google | 2 Android, Pixel | 2025-07-24 | 7.4 High |
| In lwis_device_event_states_clear_locked of lwis_event.c, there is a possible privilege escalation due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-47030 | 1 Google | 2 Android, Pixel | 2025-07-24 | 5.1 Medium |
| Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-315191818. | ||||
| CVE-2024-47031 | 1 Google | 2 Android, Pixel | 2025-07-24 | 7.4 High |
| Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-329163861. | ||||
| CVE-2024-32919 | 1 Google | 2 Android, Pixel | 2025-07-22 | 7.8 High |
| In lwis_add_completion_fence of lwis_fence.c, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-29753 | 1 Google | 2 Android, Pixel | 2025-06-17 | 7.7 High |
| In tmu_set_control_temp_step of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-29743 | 1 Google | 2 Android, Pixel | 2025-06-17 | 7.7 High |
| In tmu_set_temp_lut of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-48418 | 1 Google | 2 Pixel Watch, Pixel Watch Firmware | 2025-06-03 | 10 Critical |
| In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation | ||||
| CVE-2016-6916 | 2 Google, Nvidia | 9 Nexus 9, Pixel C, Shield Tablet and 6 more | 2025-04-20 | N/A |
| Integer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5 allows local users to cause a denial of service (system crash) via unspecified vectors, which triggers a buffer overflow. | ||||
| CVE-2016-6917 | 2 Google, Nvidia | 9 Nexus 9, Pixel C, Shield Tablet and 6 more | 2025-04-20 | N/A |
| Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. | ||||
| CVE-2016-6915 | 2 Google, Nvidia | 9 Nexus 9, Pixel C, Shield Tablet and 6 more | 2025-04-20 | N/A |
| Stack-based buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5. | ||||
| CVE-2017-15361 | 35 Acer, Aopen, Asi and 32 more | 126 C720 Chromebook, Chromebase, Chromebase 24 and 123 more | 2025-04-20 | N/A |
| The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. Examples of affected technologies include BitLocker with TPM 1.2, YubiKey 4 (before 4.3.5) PGP key generation, and the Cached User Data encryption feature in Chrome OS. | ||||
| CVE-2016-2459 | 1 Google | 10 Android, Android One, Nexus 5 and 7 more | 2025-04-12 | N/A |
| mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, related to IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp, aka internal bug 27556038. | ||||
| CVE-2024-27227 | 1 Google | 2 Android, Pixel | 2025-03-25 | 9.8 Critical |
| A malicious DNS response can trigger a number of OOB reads, writes, and other memory issues | ||||
| CVE-2018-9392 | 1 Google | 2 Android, Pixel | 2024-12-19 | 7.8 High |
| In get_binary of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/data_coder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9397 | 1 Google | 2 Android, Pixel | 2024-12-19 | 7.8 High |
| In WMT_unlocked_ioctl of MTK WMT device driver, there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2018-9398 | 1 Google | 2 Android, Pixel | 2024-12-19 | 7.8 High |
| In fm_set_stat of mediatek FM radio driver, there is a possible OOB write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||