Total
7228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20471 | 1 Google | 1 Android | 2025-04-22 | N/A | 5.5 MEDIUM |
| In SendIncDecRestoreCmdPart2 of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-238177877 | |||||
| CVE-2022-20468 | 1 Google | 1 Android | 2025-04-22 | N/A | 6.5 MEDIUM |
| In BNEP_ConnectResp of bnep_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-228450451 | |||||
| CVE-2022-33268 | 1 Qualcomm | 190 Apq8009, Apq8009 Firmware, Apq8017 and 187 more | 2025-04-22 | N/A | 8.2 HIGH |
| Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2022-20498 | 1 Google | 1 Android | 2025-04-22 | N/A | 4.4 MEDIUM |
| In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246465319 | |||||
| CVE-2024-20136 | 4 Google, Mediatek, Openwrt and 1 more | 32 Android, Mt2737, Mt6781 and 29 more | 2025-04-22 | N/A | 6.2 MEDIUM |
| In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09121847; Issue ID: MSV-1821. | |||||
| CVE-2024-20122 | 2 Google, Mediatek | 9 Android, Mt6761, Mt6765 and 6 more | 2025-04-22 | N/A | 4.4 MEDIUM |
| In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1572. | |||||
| CVE-2024-20123 | 2 Google, Mediatek | 9 Android, Mt6761, Mt6765 and 6 more | 2025-04-22 | N/A | 4.4 MEDIUM |
| In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1569. | |||||
| CVE-2024-20124 | 2 Google, Mediatek | 9 Android, Mt6761, Mt6765 and 6 more | 2025-04-22 | N/A | 4.4 MEDIUM |
| In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1568. | |||||
| CVE-2024-20127 | 2 Google, Mediatek | 47 Android, Mt6580, Mt6739 and 44 more | 2025-04-22 | N/A | 7.5 HIGH |
| In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2023. | |||||
| CVE-2024-20128 | 2 Google, Mediatek | 47 Android, Mt6580, Mt6739 and 44 more | 2025-04-22 | N/A | 7.5 HIGH |
| In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2024. | |||||
| CVE-2024-20112 | 2 Google, Mediatek | 6 Android, Mt6878, Mt6886 and 3 more | 2025-04-22 | N/A | 4.4 MEDIUM |
| In isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09071481; Issue ID: MSV-1730. | |||||
| CVE-2024-20116 | 2 Google, Mediatek | 19 Android, Mt6765, Mt6768 and 16 more | 2025-04-22 | N/A | 4.4 MEDIUM |
| In cmdq, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09057438; Issue ID: MSV-1696. | |||||
| CVE-2024-20117 | 2 Google, Mediatek | 9 Android, Mt6761, Mt6765 and 6 more | 2025-04-22 | N/A | 4.4 MEDIUM |
| In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1681. | |||||
| CVE-2024-20138 | 2 Google, Mediatek | 11 Android, Mt3605, Mt6985 and 8 more | 2025-04-22 | N/A | 7.5 HIGH |
| In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604. | |||||
| CVE-2025-20648 | 2 Google, Mediatek | 10 Android, Mt2718, Mt6879 and 7 more | 2025-04-22 | N/A | 5.5 MEDIUM |
| In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09456673; Issue ID: MSV-2584. | |||||
| CVE-2025-20651 | 5 Google, Linuxfoundation, Mediatek and 2 more | 25 Android, Yocto, Mt2737 and 22 more | 2025-04-22 | N/A | 4.1 MEDIUM |
| In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2062. | |||||
| CVE-2025-20652 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6739 and 42 more | 2025-04-22 | N/A | 4.6 MEDIUM |
| In V5 DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291215; Issue ID: MSV-2052. | |||||
| CVE-2023-42982 | 1 Apple | 1 Macos | 2025-04-21 | N/A | 6.4 MEDIUM |
| Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was addressed with improved checks. | |||||
| CVE-2022-32916 | 1 Apple | 1 Iphone Os | 2025-04-21 | N/A | 5.5 MEDIUM |
| An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 16. An app may be able to disclose kernel memory. | |||||
| CVE-2022-32943 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-04-21 | N/A | 5.3 MEDIUM |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication. | |||||