Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  Security Vulnerabilities
CVE-2025-20661
In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3185.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-04-07
CVE-2025-20662
In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04428276; Issue ID: MSV-3184.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-04-07
CVE-2025-20655
In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04427687; Issue ID: MSV-3183.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-04-07
CVE-2025-20656
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-04-07
CVE-2025-20657
In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-04-07
CVE-2025-20658
In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597.
CVSS Score
6.0
EPSS Score
0.0
Published
2025-04-07
CVE-2025-20660
In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3186.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-04-07
CVE-2025-1917
Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-03-05
CVE-2025-1922
Inappropriate implementation in Selection in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-03-05
CVE-2025-20652
In V5 DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291215; Issue ID: MSV-2052.
CVSS Score
4.6
EPSS Score
0.0
Published
2025-03-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved