Software Detail

Software Informaton Top

SmartPhone

Software Detail

Android

Number Of NVD

6838

CRITICAL

484

HIGH

2986

MEDIUM

3124

LOW

236

URL	https://www.android.com/
Explanation	It is an operating system installed on smartphones provided by Google. Since it is open source, many manufacturers use it in their smartphones, tablets, and wearable devices. The support period differs for each development vendor. After Google provides a security patch, it is up to the vendor to provide the patch to the target devices.
Tag	Mobile Google Apache License v2.0 GPL v2 LGPL 2.1+

Add Information URL

No	Type	Name	URL
1			https://en.wikipedia.org/wiki/Android_version_history
2			https://source.android.com/setup/start/licenses
3			https://source.android.com/security/bulletin/
4			https://developer.android.com/
5			https://developer.android.com/about/versions/
6			https://android-developers.googleblog.com/

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Critical	High	Medium	Low
211	Android 14	14.1	Nov. 6, 2024	Aug. 7, 2024	0	3	1	0
212	Android 13	13.4	Aug. 7, 2023	Aug. 15, 2022	15	311	812	67
213	Android 12	12.4	Oct. 17, 2022	Oct. 4, 2020	43	479	1193	106
214	Android 11	11	Sept. 8, 2020	Sept. 8, 2020	58	636	1364	107
215	Android 10	10	Sept. 3, 2019	Sept. 3, 2019	103	680	1055	110
216	Android 9	9	Aug. 6, 2018	Aug. 6, 2018	112	463	331	35
217	Android 8	8.1.0	Dec. 5, 2017	Aug. 21, 2017	144	529	318	25
218	Android 7	7.1.2	April 4, 2017	Aug. 22, 2016	116	627	380	20
219	Android 6	6.0.1	Dec. 7, 2015	Oct. 5, 2015	109	734	397	20
220	Android 5	5.1.1	April 21, 2015	Nov. 12, 2014	67	661	317	16
221	Android 4	4.4.4	June 19, 2014	Oct. 18, 2011	53	577	271	16
222	Android 3	3.2.6	Feb. 1, 2012	Feb. 22, 2011	25	420	174	10
223	Android 2	2.2.3	Nov. 21, 2011	Oct. 26, 2009	25	424	181	12
224	Android 1	1.6	Sept. 15, 2009	Sept. 23, 2008	150	1558	2312	204
225	Android 9.0	9.0			109	441	323	34
226	Android 7.2	7.2			16	61	79	9
227	Android 12.1	12.1			15	229	224	23
228	Android 12.0l	12.0l			0	28	68	9
229	Android 12.0	12.0			43	447	1159	104
230	Android 11.0	11.0			58	636	1364	107
231	Android 10.0	10.0			103	680	1055	110

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
211	6.7 -	MEDIUM Local	there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User int…	NVD-CWE-noinfo	CVE-2023-48405	cpe:2.3:o:google:android:-:*	2024-11-21 17:31 2023-12-9	Show	GitHub Exploit DB Packet Storm

212	7.5 -	HIGH Network	In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with n…	CWE-125 Out-of-bounds Read	CVE-2023-48404	cpe:2.3:o:google:android:-:*	2024-11-21 17:31 2023-12-9	Show	GitHub Exploit DB Packet Storm

213	7.5 -	HIGH Network	In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe th…	CWE-787 Out-of-bounds Write	CVE-2023-48403	cpe:2.3:o:google:android:-:*	2024-11-21 17:31 2023-12-9	Show	GitHub Exploit DB Packet Storm

214	7.8 -	HIGH Local	In ppcfw_enable of ppcfw.c, there is a possible EoP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio…	CWE-862 Missing Authorization	CVE-2023-48402	cpe:2.3:o:google:android:-:*	2024-11-21 17:31 2023-12-9	Show	GitHub Exploit DB Packet Storm

215	5.5 -	MEDIUM Local	In ProtocolMiscATCommandAdapter::Init() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband…	CWE-125 Out-of-bounds Read	CVE-2023-48399	cpe:2.3:o:google:android:-:*	2024-11-21 17:31 2023-12-9	Show	GitHub Exploit DB Packet Storm

216	7.5 -	HIGH Network	In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosu…	CWE-125 Out-of-bounds Read	CVE-2023-48398	cpe:2.3:o:google:android:-:*	2024-11-21 17:31 2023-12-9	Show	GitHub Exploit DB Packet Storm

217	4.9 -	MEDIUM Network	In Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. Use…	CWE-125 Out-of-bounds Read	CVE-2023-48397	cpe:2.3:o:google:android:-:*	2024-11-21 17:31 2023-12-9	Show	GitHub Exploit DB Packet Storm

218	6.3 -	MEDIUM Adjacent	Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting inject…	CWE-287 Improper Authentication	CVE-2023-45866	cpe:2.3:o:google:android:6.0.1:* cpe:2.3:o:google:android:4.2.2:* cpe:2.3:o:google:android:14.0:* cpe:2.3:o:go…	2024-11-21 17:27 2023-12-8	Show	GitHub Exploit DB Packet Storm

219	7.8 -	HIGH Local	In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional …	CWE-862 Missing Authorization	CVE-2023-40094	cpe:2.3:o:google:android:14.0:* cpe:2.3:o:google:android:13.0:* cpe:2.3:o:google:android:12.1:* cpe:2.3:o:goog…	2024-11-21 17:18 2023-12-5	Show	GitHub Exploit DB Packet Storm

220	7.8 -	HIGH Local	In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privil…	CWE-787 Out-of-bounds Write	CVE-2023-40080	cpe:2.3:o:google:android:14.0:* cpe:2.3:o:google:android:13.0:*	2024-11-21 17:18 2023-12-5	Show	GitHub Exploit DB Packet Storm