Loading...
Loading...
1,613 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed…
In onHandleIntent of TraceService.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of privilege with no additional execut…
In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass. This could lead to local escalation of privilege that exposes a pairing Bluetooth MAC address with no additional exe…
In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing background data usage or launching from the background,…
In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass. This could lead to local escalation of privilege, with no additional execution privile…
In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
In Java network APIs, there is possible access to sensitive network state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…
In bindWallpaperComponentLocked of WallpaperManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction…
In Telecom, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio…
In ADB server and USB server, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Prod…
In devicepolicy service, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: …
In Bluetooth, there is a possible control over Bluetooth enabled state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for e…
In Bluetooth, there is a possible spoofing of bluetooth device metadata due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitat…
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersi…
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersi…
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersi…
In Window Manager, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: Androi…
In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersi…
In InputManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: A…
In Battery Saver, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: Android…
In Zen Mode, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersi…
In Telephony, there is a missing permission check. This could lead to local information disclosure of radio data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Andr…
In UsageStatsManager, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploi…
In NetworkStatsService, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for expl…
In NFC, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
In createEmergencyLocationUserNotification of GnssVisibilityControl.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed.…
In the app zygote SE Policy, there is a possible permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: …
In setNotification of SapServer.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitatio…
In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is n…
In AudioFlinger::RecordThread::threadLoop of audioflinger/Threads.cpp, there is a possible non-silenced audio buffer due to a permissions bypass. This could lead to remote information disclosure with no additional execution privileges need…
In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed f…
In SyncManager, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: …
In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a missing permission check. This could lead to local denial of service of emergency alerts with no additional execution privileges needed. User intera…
In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed …
In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a trusted virtual display due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges …
In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to …
In updateNotification of BeamTransferManager.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed …
In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of sensitive WiFi configuration data due to a missing permission check. This could lead to local information disclosure of WiFi network names with…
In listen() and related functions of TelephonyRegistry.java, there is a possible permissions bypass of location permissions due to a missing permission check. This could lead to local information disclosure with no additional execution pri…
In createInputConsumer of WindowManagerService.java, there is a possible way to block and intercept input events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges ne…
In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest account due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. U…
In openAssetFileListener of ContactsProvider2.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege to change contact data with no additional execution privileges nee…
Incorrect default permissions in the installer for Intel(R) Graphics Drivers before versions 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212 may allow an authenticated user to potentially enable escalation of…
Improper default permissions in the installer for Intel(R) Graphics Drivers before versions 26.20.100.7463 and 15.45.30.5103 may allow an authenticated user to potentially enable escalation of privilege via local access.
Improper default permissions in the firmware for the Intel(R) Ethernet I210 Controller series of network adapters before version 3.30 may allow an authenticated user to potentially enable denial of service via local access.
Incorrect default permissions in the installer for Intel(R) Data Migration Software versions 3.3 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.
EchelonGraph correlates every CVE — across CWE-276 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →