cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2018-9391,https://securityvulnerability.io/vulnerability/CVE-2018-9391,Possible Out of Bounds Write in gps_hal Could Lead to Local Escalation of Privilege,"A vulnerability has been identified in the MediaTek GPS hardware component, specifically in the update_gps_sv and output_vzw_debug functions. The issue arises from a missing bounds check, which can result in an out of bounds write. This vulnerability poses a risk of local escalation of privileges, necessitating system execution privileges to exploit. Notably, user interaction is not required for the exploitation process, making it a concern for system integrity and security.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T22:25:10.215Z,0
CVE-2018-9390,https://securityvulnerability.io/vulnerability/CVE-2018-9390,Possible Out-of-Bounds Read Vulnerability in gl_proc.c Could Lead to Local Escalation of Privilege,"This vulnerability involves a flaw in the 'procfile_write' function within 'gl_proc.c' that allows for a potential out of bounds read of a function pointer. The issue arises from an improper bounds check, which could facilitate a local escalation of privileges. Exploiting this vulnerability does not require user interaction, making it a significant concern for affected Android devices. Users with devices running specific versions of Android may be at risk if proper security measures are not implemented.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T22:23:33.742Z,0
CVE-2018-9388,https://securityvulnerability.io/vulnerability/CVE-2018-9388,Obedient Pixels Shudder Before Mighty Lord of Pointy Clicky Things,"This vulnerability affects the Android operating system, specifically within the touchscreen drivers implemented in 'ftm4_pdc.c'. The flaw arises from insufficient bounds checking and potential integer underflows in the store_upgrade and store_cmd functions. Consequently, this weakness may enable an attacker to perform out-of-bounds writes, which could lead to a compromise of system privileges, increasing the potential for unauthorized access or control. Remediation efforts are essential to mitigate the associated security risks.",Google,Android,9.8,CRITICAL,0.0006099999882280827,false,false,false,false,,false,false,2024-12-05T22:22:17.968Z,0
CVE-2018-9386,https://securityvulnerability.io/vulnerability/CVE-2018-9386,Possible Stack Buffer Overflow in HTC Reboot Block Driver,"The vulnerable HTC reboot block driver in certain Android devices has a stack buffer overflow issue stemming from inadequate bounds checking. This vulnerability can potentially allow an attacker to execute arbitrary code with elevated privileges, making it possible to escalate local privileges to system level. Consequently, even without user interaction, an attacker could exploit this weakness to gain unauthorized access, jeopardizing the security of the affected devices.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T22:20:40.144Z,0
CVE-2017-13308,https://securityvulnerability.io/vulnerability/CVE-2017-13308,Possible Buffer Overflow in mtk_ts_Abts.c Leads to Local Escalation of Privilege,"A buffer overflow vulnerability exists in the implementation of tscpu_write_GPIO_out and mtkts_Abts_write functions within the mtk_ts_Abts.c file. This issue arises from improper input validation when using sscanf, which could be exploited to gain elevated system execution privileges through local access. Notably, user interaction is not required for this vulnerability to be exploited, which raises significant security concerns for devices utilizing affected MediaTek chipsets.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T22:05:21.894Z,0
CVE-2018-9462,https://securityvulnerability.io/vulnerability/CVE-2018-9462,Possible Out of Bounds Write in ftm4_pdc.c Could Lead to Local Escalation of Privilege,"An out of bounds write vulnerability exists in the 'store_cmd' function of 'ftm4_pdc.c' within the Android operating system. This vulnerability arises from an inadequate bounds check, potentially allowing an attacker to exploit this weakness locally. Successful exploitation could lead to escalation of privileges, granting attackers system execution permissions without requiring any user interaction. Addressing this vulnerability is crucial for maintaining the integrity and security of affected systems.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9403,https://securityvulnerability.io/vulnerability/CVE-2018-9403,Stack Buffer Overflow Vulnerability in flp2hal Could Lead to Local Escalation of Privilege,"A vulnerability exists in the MTK_flp_msg_hal_diag_report_data_ntf handler found in the flp2hal_interface.c file. This flaw allows for a potential stack buffer overflow due to an inadequate bounds check. Exploiting this vulnerability can enable local escalation of privileges in processes that require System execution rights. The process does not require any user interaction, making it particularly concerning for system integrity.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9399,https://securityvulnerability.io/vulnerability/CVE-2018-9399,Possible Local Escalation of Privilege Through Out of Bounds Writes,"The WMT Debug driver in the Android operating system contains multiple out of bounds write vulnerabilities. These flaws allow attackers with local access to the device to potentially escalate their privileges to gain system execution rights. Notably, exploitation does not require any user interaction, making these vulnerabilities particularly concerning. The affected driver is utilized in various Android versions, necessitating prompt attention from users and administrators to mitigate potential security risks.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9439,https://securityvulnerability.io/vulnerability/CVE-2018-9439,Possible Use-After-Free Vulnerability in af_packet.c Leads to Local Escalation of Privilege,"An issue exists in the Android operating system's kernel due to improper locking in the functions __unregister_prot_hook and packet_release within af_packet.c. This vulnerability may allow local attackers to escalate their privileges, gaining elevated permissions on the system without the need for user interaction. Exploitation could enable unauthorized actions at the system level, impacting overall system security and integrity. It is essential for users and organizations using affected versions to apply security updates to mitigate the risks associated with this flaw.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9398,https://securityvulnerability.io/vulnerability/CVE-2018-9398,Possible OOB Write in Mediatek FM Radio Driver could lead to Local Escalation of Privilege,"The vulnerability in the Mediatek FM radio driver arises from improper input validation within the fm_set_stat function, which may result in an out-of-bounds write. Such a flaw enables attackers to exploit the vulnerability locally, potentially allowing them to escalate their privileges to system execution privileges. Notably, this vulnerability does not require any user interaction for exploitation, posing a significant risk to affected systems.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9402,https://securityvulnerability.io/vulnerability/CVE-2018-9402,Kernel Buffer Overwrite Vulnerability,"A buffer overwrite vulnerability exists within multiple functions of gl_proc.c in the Android kernel due to inadequate bounds checking. This weakness can be exploited to escalate privileges, potentially allowing attackers to gain increased control over the system. Proper patches and updates are essential to mitigate this type of vulnerability and enhance overall security.",Google,Android,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9463,https://securityvulnerability.io/vulnerability/CVE-2018-9463,Possible Out of Bounds Write in sw49408 IRQ Runtime Engine Could Lead to Local Escalation of Privilege,"The vulnerability in the touch_sw49408.c file of the Android touch software is caused by an improper bounds check within the sw49408_irq_runtime_engine_debug function. This flaw allows for a possible out of bounds write, which may lead to local privilege escalation. While user interaction is not required for the exploitation of this vulnerability, successful exploitation necessitates the attainment of system execution privileges, raising significant security concerns for Android devices that utilize this touch driver.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9400,https://securityvulnerability.io/vulnerability/CVE-2018-9400,Potential OOB write in drivers/input/touchscreen/mediatek/GT1151/gt1x_generic.c and gt1x_tools.c may lead to local escalation of privilege,"A vulnerability exists in the GT1151 Touchscreen Driver where the functions gt1x_debug_write_proc and gt1x_tool_write are susceptible to an out of bounds write due to an absence of proper bounds checking. This weakness may allow an attacker with local access to exploit the vulnerability, potentially gaining elevated privileges to execute system-level commands. No user interaction is required for this vulnerability to be exploited, which increases the risk to affected systems.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9407,https://securityvulnerability.io/vulnerability/CVE-2018-9407,Information Disclosure Due to Missing Bounds Check in emmc_rpmb.c,"An information disclosure vulnerability exists in the emmc_rpmb_ioctl function of emmc_rpmb.c. This issue arises because of a missing bounds check, which allows the potential exposure of sensitive kernel data. The vulnerability poses risks to the integrity and confidentiality of data processed by affected Android devices, making it crucial for users to ensure their systems are updated to mitigate potential exploits.",Google,Android,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9408,https://securityvulnerability.io/vulnerability/CVE-2018-9408,Missing Bounds Check Leads to Local Information Disclosure with System Execution Privileges,"An Out Of Bounds Read vulnerability exists in the GPS component of the Android operating system, specifically within the functions m3326_gps_write and m3326_gps_read in gps.s. This issue arises from a missing bounds check, which could potentially allow an attacker to access sensitive information locally. Exploitation of this vulnerability does not require user interaction, enabling unauthorized access to data with system execution privileges. The security of affected devices could be compromised if this vulnerability is exploited.",Google,Android,4.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9397,https://securityvulnerability.io/vulnerability/CVE-2018-9397,Potential OOB Write Vulnerability in MTK WMT Device Driver Could Lead to Local Escalation of Privilege,"The WMT_unlocked_ioctl function within the MTK WMT device driver is susceptible to an out-of-bounds write due to an absence of an appropriate bounds check. This vulnerability allows an attacker to exploit the flaw to gain elevated privileges on a system, with system execution privileges required. Notably, this exploitation does not necessitate user interaction, making it a significant risk. The flaw poses a threat to users of affected Android devices utilizing the MTK WMT driver.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9416,https://securityvulnerability.io/vulnerability/CVE-2018-9416,Possible Memory Corruption Leading to Local Escalation of Privilege,"A memory corruption vulnerability exists in the SCSI Generic driver component of Android's system interface. This issue arises from an unusual condition during the execution of sg_remove_scat, potentially allowing an attacker with local access to escalate their privileges to that of the system. Notably, user interaction is not required for the exploitation of this vulnerability, making it particularly concerning for system integrity.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9404,https://securityvulnerability.io/vulnerability/CVE-2018-9404,Possible Out of Bounds Write in ril.cpp Could Lead to Local Escalation of Privilege,"An out of bounds write vulnerability exists in the oemCallback function of ril.cpp, originating from an integer overflow issue. This flaw could enable a local attacker to escalate privileges on the affected device. Notably, exploitation does not require user interaction, which increases the risk level for devices running vulnerable versions of Android, potentially allowing attackers to gain system execution privileges. Addressing this vulnerability is critical to maintain device integrity and security.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-05T00:15:00.000Z,0
CVE-2018-9396,https://securityvulnerability.io/vulnerability/CVE-2018-9396,Possible Out of Bounds Write in rpc_msg_handler and Related Handlers of Meditek ECCCI Could Lead to Local Escalation of Privilege,"The vulnerability in the MediaTek ECCCI driver is due to an improper bounds check in the rpc_msg_handler and related handlers within the source code. This oversight may lead to an out of bounds write condition, which poses a risk of local escalation of privilege. Exploitation does not require user interaction, making it particularly concerning for device security.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-04T21:59:02.879Z,0
CVE-2018-9395,https://securityvulnerability.io/vulnerability/CVE-2018-9395,Possible OOB Write Vulnerability in mtk_cfg80211_vendor_packet_keep_alive_start Could Lead to Local Escalation of Privilege,"The MediaTek connectivity drivers contain a vulnerability in the 'mtk_cfg80211_vendor_packet_keep_alive_start' and 'mtk_cfg80211_vendor_set_config' functions. This flaw arises from an out-of-bounds write due to improper bounds checking. Exploiting this vulnerability could enable a local attacker to escalate privileges to system execution levels. Notably, exploitation does not require any user interaction, which increases the risk for affected systems. This is a significant concern for environments using MediaTek connectivity hardware, as it may allow unauthorized users to gain elevated access.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-04T17:20:55.185Z,0
CVE-2018-9394,https://securityvulnerability.io/vulnerability/CVE-2018-9394,Possible OOB write vulnerability in mtk_p2p_wext_set_key,"An out-of-bounds write vulnerability exists in the MediaTek connectivity driver, specifically in the mtk_p2p_wext_set_key function. This flaw is due to inadequate input validation, which could allow an attacker to execute code with escalated privileges. Importantly, exploitation of this vulnerability does not require any user interaction, making it particularly concerning for systems that utilize affected MediaTek components.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-04T17:19:10.992Z,0
CVE-2018-9393,https://securityvulnerability.io/vulnerability/CVE-2018-9393,Possible OOB Write Vulnerability in Mediatek WLAN Driver Could Lead to Local Escalation of Privilege,"A vulnerability exists within the MediaTek Wi-Fi driver that allows an out-of-bounds (OOB) write due to an inadequate bounds check in the 'procfile_write' function. This flaw could enable local attackers to escalate their privileges, gaining unauthorized access to system execution capabilities. Exploitation of this vulnerability does not mandate user interaction, which heightens its risk. Mitigation measures are necessary to protect systems that utilize this driver.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-04T17:17:25.388Z,0
CVE-2018-9392,https://securityvulnerability.io/vulnerability/CVE-2018-9392,Possible out of bounds write in GPS HAL could lead to local escalation of privilege,"A vulnerability exists in the MediaTek GPS hardware where a possible out of bounds write occurs due to a missing bounds check in the get_binary function within data_coder.c. This flaw may enable local privilege escalation, requiring system execution privileges for full exploitation. Importantly, the vulnerability does not require any user interaction, allowing for potential unauthorized access to system-level functions.",Google,Android,6.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-04T17:15:26.490Z,0
CVE-2018-9449,https://securityvulnerability.io/vulnerability/CVE-2018-9449,Possible Out of Bound Read Vulnerability in SDP Discovery's process_service_search_attr_rsp,"A vulnerability exists in the Android system where an out of bounds read can occur due to a lack of bounds checking in the process_service_search_attr_rsp function of sdp_discovery.cc. This flaw could allow local information disclosure without the need for any additional execution privileges. Importantly, exploitation of this vulnerability does not require user interaction, making it a potential risk for affected devices. It is crucial for users and administrators to ensure that their systems are updated to mitigate any potential security threats stemming from this issue.",Google,Android,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-03T01:15:00.000Z,0
CVE-2018-9441,https://securityvulnerability.io/vulnerability/CVE-2018-9441,Possible Out-of-Bounds Read Vulnerability in sdp_copy_raw_data,"An out of bounds read vulnerability exists in the SDP discovery component of Android, specifically in the function responsible for copying raw data. This flaw is triggered by an inadequate bounds check, which may allow attackers to exploit the vulnerability during user interaction. If successfully exploited, it could lead to local information disclosure without the necessity of elevated execution privileges. The issue impacts a range of Android versions prior to the August 2018 security update, making it critical for users and administrators to apply relevant patches to safeguard their devices.",Google,Android,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-12-03T01:15:00.000Z,0