Search Results (367118 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-32821 2 Google, Mediatek 11 Android, Mt6761, Mt6763 and 8 more 2024-11-21 6.7 Medium
In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433.
CVE-2023-32820 4 Google, Linux, Linuxfoundation and 1 more 43 Android, Linux Kernel, Yocto and 40 more 2024-11-21 7.5 High
In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.
CVE-2023-32819 2 Google, Mediatek 15 Android, Mt6765, Mt6768 and 12 more 2024-11-21 4.4 Medium
In display, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS08014138.
CVE-2023-32818 2 Google, Mediatek 11 Android, Mt6761, Mt6763 and 8 more 2024-11-21 6.7 Medium
In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08163896 & ALPS08013430; Issue ID: ALPS07867715.
CVE-2023-32817 2 Google, Mediatek 35 Android, Mt2713, Mt6580 and 32 more 2024-11-21 4.4 Medium
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044035.
CVE-2023-32816 2 Google, Mediatek 35 Android, Mt2713, Mt6580 and 32 more 2024-11-21 4.4 Medium
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044032.
CVE-2023-32815 4 Google, Linuxfoundation, Mediatek and 1 more 40 Android, Yocto, Mt2713 and 37 more 2024-11-21 4.4 Medium
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801.
CVE-2023-32814 2 Google, Mediatek 40 Android, Mt2713, Mt2735 and 37 more 2024-11-21 4.4 Medium
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08031947; Issue ID: ALPS08031947.
CVE-2023-32813 4 Google, Linuxfoundation, Mediatek and 1 more 42 Android, Yocto, Mt2713 and 39 more 2024-11-21 4.4 Medium
In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017370; Issue ID: ALPS08017370.
CVE-2023-32812 4 Google, Linuxfoundation, Mediatek and 1 more 39 Android, Yocto, Mt2713 and 36 more 2024-11-21 6.7 Medium
In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017365; Issue ID: ALPS08017365.
CVE-2023-32811 3 Google, Linuxfoundation, Mediatek 21 Android, Yocto, Iot Yocto and 18 more 2024-11-21 6.7 Medium
In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848.
CVE-2023-32810 4 Google, Linux, Linuxfoundation and 1 more 42 Android, Linux Kernel, Yocto and 39 more 2024-11-21 4.4 Medium
In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212.
CVE-2023-32809 2 Google, Mediatek 35 Android, Mt2713, Mt6779 and 32 more 2024-11-21 4.4 Medium
In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849753; Issue ID: ALPS07849753.
CVE-2023-32808 2 Google, Mediatek 35 Android, Mt2713, Mt6779 and 32 more 2024-11-21 4.4 Medium
In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849751; Issue ID: ALPS07849751.
CVE-2023-32807 3 Google, Linuxfoundation, Mediatek 27 Android, Yocto, Iot Yocto and 24 more 2024-11-21 4.4 Medium
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360.
CVE-2023-32806 4 Google, Linuxfoundation, Mediatek and 1 more 33 Android, Yocto, Iot Yocto and 30 more 2024-11-21 6.7 Medium
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.
CVE-2023-32805 2 Google, Mediatek 3 Android, Mt8168, Mt8675 2024-11-21 6.5 Medium
In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892.
CVE-2023-32804 1 Arm 4 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Midgard Gpu Kernel Driver and 1 more 2024-11-21 7.8 High
Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver.This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.
CVE-2023-32802 1 Woocommerce 1 Woocommerce Pre-orders 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Pre-Orders plugin <= 1.9.0 versions.
CVE-2023-32801 1 Woocommerce 1 Composite Products 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Composite Products plugin <= 8.7.5 versions.