Total
13664 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-20697 | 2 Google, Mediatek | 30 Android, Mt2718, Mt6761 and 27 more | 2026-02-26 | 6.7 Medium |
| In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795. | ||||
| CVE-2025-20698 | 2 Google, Mediatek | 41 Android, Mt2718, Mt6739 and 38 more | 2026-02-26 | 6.7 Medium |
| In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793. | ||||
| CVE-2025-21017 | 1 Samsung | 1 Blockchain Keystore | 2026-02-26 | 6.3 Medium |
| Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2025-20708 | 1 Mediatek | 64 Modem, Mt2735, Mt2737 and 61 more | 2026-02-26 | 8.8 High |
| In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01123853; Issue ID: MSV-4131. | ||||
| CVE-2025-21020 | 1 Samsung | 1 Blockchain Keystore | 2026-02-26 | 5.7 Medium |
| Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2025-20704 | 1 Mediatek | 16 Mt6813, Mt6835, Mt6835t and 13 more | 2026-02-26 | 8 High |
| In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01516959; Issue ID: MSV-3502. | ||||
| CVE-2025-21021 | 1 Samsung | 1 Blockchain Keystore | 2026-02-26 | 5.7 Medium |
| Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2025-21461 | 1 Qualcomm | 49 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 46 more | 2026-02-26 | 7.8 High |
| Memory corruption when programming registers through virtual CDM. | ||||
| CVE-2024-49730 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In FuseDaemon.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-6633 | 1 Autodesk | 2 3ds Max, 3ds Max | 2026-02-26 | 7.8 High |
| A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2023-21475 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2026-02-26 | 8 High |
| Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2023-21476 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2026-02-26 | 8 High |
| Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2025-36897 | 1 Google | 1 Android | 2026-02-26 | 9.8 Critical |
| In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-36903 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In lwis_io_buffer_write, there is a possible OOB read/write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-36907 | 1 Google | 1 Android | 2026-02-26 | 7.3 High |
| In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-36908 | 1 Google | 1 Android | 2026-02-26 | 6.7 Medium |
| In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-56190 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-36887 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-49739 | 1 Google | 1 Android | 2026-02-26 | 4 Medium |
| In MMapVAccess of pmr_os.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26403 | 1 Intel | 2 Xeon, Xeon Processors | 2026-02-26 | 7.2 High |
| Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. | ||||