In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure…

In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a…

In getCurrentPrivilegedPackagesForAllUsers of CarrierPrivilegesTracker.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of…

In multiple functions of WifiNetworkFactory.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no…

In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution…

there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution…

In lwis_i2c_device_disable of lwis_device_i2c.c, there is a possible UAF due to a logic error in the code. This could lead to local escalation of privilege…

In BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure…

In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. This could lead to local escalation…

In handle_set_parameters_ctrl of hal_socket.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure…