Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 8.1  Security Vulnerabilities
CVE-2017-13314
In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing users to access non-VPN networks, when they are supposed to be restricted to the VPN networks, with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-11-15
CVE-2017-13309
In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-11-15
CVE-2017-13227
In the autofill service, the package name that is provided by the app process is trusted inappropriately.  This could lead to information disclosure with no additional execution privileges needed.  User interaction is not needed for exploitation.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-11-14
CVE-2024-44100
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-10-25
CVE-2024-47020
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ABL component, A-331966488.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-10-25
CVE-2024-47022
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-331255656.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-10-25
CVE-2024-29748
Known exploited
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVSS Score
7.8
EPSS Score
0.003
Published
2024-04-05
CVE-2023-40101
In collapse of canonicalize_md.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-10-30
CVE-2023-45780
In Print Service, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVSS Score
7.3
EPSS Score
0.0
Published
2023-10-30
CVE-2023-21375
In Sysproxy, there is a possible out of bounds write due to an integer underflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-10-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved