cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-0762,https://securityvulnerability.io/vulnerability/CVE-2025-0762,Use After Free Vulnerability in Google Chrome DevTools,"A use after free vulnerability in the DevTools of Google Chrome allows remote attackers to exploit heap corruption through a specially crafted Chrome Extension. This issue affects versions prior to 132.0.6834.159, potentially allowing an attacker to manipulate memory and execute arbitrary code. Users are advised to upgrade to the latest version to mitigate this security risk.",Google,Chrome,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-29T10:33:45.673Z,0
CVE-2024-40677,https://securityvulnerability.io/vulnerability/CVE-2024-40677,Privilege Escalation Vulnerability in Android Settings Application,"A vulnerability exists in the Android Settings application that allows for potential bypass of factory reset protections due to a missing permission check in the shouldSkipForInitialSUW function of AdvancedPowerUsageDetail.java. This flaw could enable an attacker to escalate privileges locally without the need for user interaction, making it a significant concern for device security.",Google,Android,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:13:41.402Z,0
CVE-2024-40672,https://securityvulnerability.io/vulnerability/CVE-2024-40672,Local Privilege Escalation Vulnerability in Android Intent Resolver,"A vulnerability exists within the Android Intent Resolver that may allow a local attacker to bypass factory reset protections due to a missing permission check in the ChooserActivity. This flaw enables an elevation of privileges without requiring additional execution privileges or user interaction, posing a significant risk to device security.",Google,Android,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:13:40.821Z,0
CVE-2024-40670,https://securityvulnerability.io/vulnerability/CVE-2024-40670,Use After Free Vulnerability in Android,"A vulnerability exists in Android OS allowing for a use after free condition, caused by a race condition within the system. This flaw can be exploited to escalate privileges locally without the need for additional execution privileges, raising significant security concerns. No user interaction is necessary for an attacker to exploit this vulnerability, making it particularly dangerous.",Google,Android,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:13:40.727Z,0
CVE-2024-40669,https://securityvulnerability.io/vulnerability/CVE-2024-40669,Race Condition Vulnerability in Android Products by Google,"A race condition vulnerability exists in Android products by Google, which allows a use after free condition. This flaw could facilitate local escalation of privileges without requiring additional execution permissions. The exploitation of this vulnerability can occur without user interaction, posing a significant threat to user security and application integrity.",Google,Android,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:13:40.607Z,0
CVE-2024-40651,https://securityvulnerability.io/vulnerability/CVE-2024-40651,Use-After-Free Vulnerability in Android Kernel,"This vulnerability presents a use-after-free issue in the Android kernel, stemming from a logic error in the code. It allows local escalation of privilege, meaning that an attacker can exploit this flaw without needing additional execution privileges or user interaction. This can lead to significant risks if not promptly addressed.",Google,Android,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:13:40.514Z,0
CVE-2024-40649,https://securityvulnerability.io/vulnerability/CVE-2024-40649,Logic Error in Android Kernel Leads to Local Privilege Escalation,"A vulnerability exists in the Android kernel due to a logic error, leading to a use-after-free condition. This flaw could enable an attacker to escalate privileges locally without requiring any additional execution privileges or user interaction. This makes it a serious threat for systems running the affected Android kernel version.",Google,Android,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:13:40.428Z,0
CVE-2024-34748,https://securityvulnerability.io/vulnerability/CVE-2024-34748,Use-After-Free Vulnerability in Device Memory Management of Android by Google,"A vulnerability has been identified in the device memory management component of Android, specifically within the 'DevmemXReservationPageAddress' function of 'devicemem_server.c'. This flaw arises from improper casting, leading to a potential use-after-free condition that allows local escalation of privilege within the kernel environment. The exploitation of this vulnerability does not require any additional execution privileges or user interaction, posing significant security risks for affected devices.",Google,Android,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:13:40.342Z,0
CVE-2024-34733,https://securityvulnerability.io/vulnerability/CVE-2024-34733,Arbitrary Code Execution Vulnerability in Device Memory Server by Android,"A significant vulnerability exists within the Device Memory Server in Android that allows for arbitrary code execution due to an integer overflow in the DevmemXIntMapPages function. This vulnerability may facilitate local privilege escalation within the kernel without requiring elevated execution privileges or user interaction. Consequently, it poses a substantial risk to device security, emphasizing the importance of addressing this issue swiftly.",Google,Android,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:13:40.263Z,0
CVE-2024-34732,https://securityvulnerability.io/vulnerability/CVE-2024-34732,Arbitrary Code Execution Vulnerability in RGXMMUCacheInvalidate Function of RGXMEM by Imagination Technologies,"A vulnerability exists in the RGXMMUCacheInvalidate function within the rgxmem.c file, which allows for arbitrary code execution due to a race condition. This issue could enable attackers to escalate their privileges locally within the kernel without needing any additional execution permissions. Exploitation does not require user interaction, increasing the potential risk posed by this vulnerability.",Google,Android,8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T19:13:40.171Z,0
CVE-2018-9373,https://securityvulnerability.io/vulnerability/CVE-2018-9373,Out of Bounds Write Vulnerability in MTK WLAN Driver from MediaTek,"The MTK WLAN driver contains a vulnerability in the TdlsexRxFrameHandle function, which allows for an out of bounds write due to an inadequate bounds check. This flaw enables a potential remote escalation of privilege without requiring additional execution permissions. Exploitation of this vulnerability does not necessitate user interaction, posing a significant risk to systems utilizing the affected driver.",Google,Android,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-28T16:52:42.889Z,0
CVE-2025-0612,https://securityvulnerability.io/vulnerability/CVE-2025-0612,Out of Bounds Memory Access Vulnerability in Google Chrome,"An out of bounds memory access vulnerability exists in the V8 engine of Google Chrome. This flaw can be potentially exploited by attackers through a specially crafted HTML page, leading to heap corruption. Such vulnerabilities may allow remote attackers to execute arbitrary code, posing significant security risks to users who visit malicious or compromised web pages.",Google,Chrome,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-22T19:22:37.153Z,0
CVE-2024-49747,https://securityvulnerability.io/vulnerability/CVE-2024-49747,Out of Bounds Write Vulnerability in Android Bluetooth GATT Service,"A vulnerability exists in the Bluetooth Gatt service of Android, where a logic error in the function gatts_process_read_by_type_req can result in an out of bounds write. This flaw allows attackers to exploit the issue remotely without requiring user interaction, potentially enabling them to execute arbitrary code on the affected system. This vulnerability emphasizes the importance of timely updates and patches to safeguard against possible exploits.",Google,Android,9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-49749,https://securityvulnerability.io/vulnerability/CVE-2024-49749,Out of Bounds Write Flaw in DGifSlurp of dgif_lib.c Affects Android Devices,"A vulnerability exists in DGifSlurp of dgif_lib.c, manifesting as a potential out of bounds write caused by an integer overflow. This flaw may allow an attacker to execute arbitrary code remotely without the need for any user interaction or additional privileges, making it a critical concern for users of affected Android devices.",Google,Android,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,112
CVE-2024-49738,https://securityvulnerability.io/vulnerability/CVE-2024-49738,Out of Bounds Write Vulnerability in Android Parcel Handling,"A potential out of bounds write vulnerability exists within the Parcel handling operations in Android's Parcel.cpp. This flaw can allow an attacker to escalate local privileges without requiring any additional execution permissions or user interaction. Such vulnerabilities can pose significant security risks, particularly in multi-user environments. It is essential for users to ensure their systems are updated to mitigate the risks associated with this vulnerability.",Google,Android,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-49737,https://securityvulnerability.io/vulnerability/CVE-2024-49737,Local Privilege Escalation in Android WindowOrganizerController by Google,A vulnerability exists in the WindowOrganizerController.java component where a logic error allows for the unintended launching of arbitrary activities as the system user ID. This flaw can lead to local privilege escalation without requiring any additional execution permissions or user interaction. This poses a significant security risk as it can enable malicious actors to exploit the underlying system permissions. Addressing this issue is critical to maintaining the integrity of the Android operating system.,Google,Android,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-49736,https://securityvulnerability.io/vulnerability/CVE-2024-49736,Logic Error in MainClear.java Allows Unauthorized Factory Reset in Android Devices,"A logic error in the MainClear.java file of Android's codebase allows for a factory reset to be triggered without explicit user consent. This vulnerability leverages a flaw that can lead to a local denial of service, as it does not require additional execution privileges nor user interaction to exploit. The issue underscores the importance of securing user consent in system-level functions to prevent unauthorized actions that can disrupt device usability.",Google,Android,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-49735,https://securityvulnerability.io/vulnerability/CVE-2024-49735,Local Privilege Escalation Vulnerability in Android Operating System,"A vulnerability exists in the Android Operating System that may result in a failure to persist permission settings across various components, primarily due to resource exhaustion issues. This flaw enables local users to escalate their privileges without requiring additional execution privileges, and it poses a potential risk to the system integrity. Notably, user interaction is not necessary for the exploitation of this vulnerability, making it particularly concerning for device security.",Google,Android,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-49734,https://securityvulnerability.io/vulnerability/CVE-2024-49734,Information Disclosure Vulnerability in Android Wi-Fi Connectivity Service,"A vulnerability in the ConnectivityService class of Android can allow a Wi-Fi Access Point (AP) to infer which websites a device has accessed while connected through a VPN. This side channel information disclosure occurs due to inadequate handling of network traffic, potentially exposing sensitive user data without requiring additional privileges or user interaction.",Google,Android,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-43096,https://securityvulnerability.io/vulnerability/CVE-2024-43096,Out of Bounds Write Vulnerability in Android Bluetooth Stack,"A vulnerability exists in the Android Bluetooth stack's gatt_sr.cc file, specifically within the build_read_multi_rsp function. This issue arises from a missing bounds check, which may allow an attacker to perform an out of bounds write operation. Consequently, this vulnerability could enable remote code execution without requiring any additional execution privileges, and importantly, user interaction is not necessary for exploitation. This can pose significant risks to the integrity and security of the affected systems.",Google,Android,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-43095,https://securityvulnerability.io/vulnerability/CVE-2024-43095,Local Privilege Escalation Vulnerability in Android Devices by Google,"A logic error exists within the Android operating system that could allow an attacker to obtain any system permission. This vulnerability may enable local escalation of privileges without any additional execution rights required. User interaction is necessary for successful exploitation, making it essential for users to remain vigilant and ensure that their systems are updated to mitigate potential threats.",Google,Android,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-34730,https://securityvulnerability.io/vulnerability/CVE-2024-34730,Bluetooth HID User Consent Bypass in Android Products by Google,"A logic error in the code of Android products allows for a potential bypass of user consent when enabling new Bluetooth Human Interface Devices (HIDs). This vulnerability can be exploited locally, enabling an unauthorized user to gain elevated privileges without requiring any additional execution permissions or user interaction.",Google,Android,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-49748,https://securityvulnerability.io/vulnerability/CVE-2024-49748,Heap Buffer Overflow Vulnerability in Android's GATT Service,"A vulnerability exists in the GATT (Generic Attribute Profile) service of Android, specifically within the process responsible for handling primary service requests. This flaw stems from a potential out-of-bounds write caused by a heap buffer overflow. Attackers could exploit this vulnerability to execute arbitrary code remotely, requiring no special privileges or user interaction, thereby posing a significant risk to affected devices.",Google,Android,9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-49745,https://securityvulnerability.io/vulnerability/CVE-2024-49745,Out of Bounds Write Vulnerability in growData of Parcel.cpp Affects Android Products,"In the growData function of Parcel.cpp within the Android operating system, an out of bounds write vulnerability has been identified due to improper bounds checking. This flaw can potentially allow an attacker to escalate privileges locally, as no additional execution privileges are required for exploitation. Notably, user interaction is unnecessary, making this vulnerability particularly concerning for affected systems.",Google,Android,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0
CVE-2024-49744,https://securityvulnerability.io/vulnerability/CVE-2024-49744,Local Privilege Escalation Flaw in Android's AccountManagerService by Google,"A vulnerability exists in the AccountManagerService of Android, specifically in the checkKeyIntentParceledCorrectly function, where unsafe deserialization can bypass parcel mismatch mitigation. This issue could allow a local attacker to escalate their privileges without the need for additional execution permissions. Exploitation of this vulnerability does require user interaction to occur.",Google,Android,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T23:15:00.000Z,0