Filtered by vendor Google
Subscriptions
Total
12616 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-21012 | 1 Google | 1 Android | 2025-03-24 | 3.7 Low |
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029812 | ||||
CVE-2023-21419 | 1 Google | 1 Android | 2025-03-24 | 4.3 Medium |
An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition. | ||||
CVE-2024-7976 | 1 Google | 1 Chrome | 2025-03-24 | 4.3 Medium |
Inappropriate implementation in FedCM in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
CVE-2024-32901 | 1 Google | 1 Android | 2025-03-24 | 7.8 High |
In v4l2_smfc_qbuf of smfc-v4l2-ioctls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2024-2886 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-03-22 | 7.5 High |
Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-2173 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-03-21 | 6.8 Medium |
Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2023-20946 | 1 Google | 1 Android | 2025-03-21 | 9.8 Critical |
In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-244423101 | ||||
CVE-2023-20945 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-246932269 | ||||
CVE-2023-20944 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-244154558 | ||||
CVE-2023-20943 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240267890 | ||||
CVE-2023-20940 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
In the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-256237041 | ||||
CVE-2023-20939 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
In multiple functions of looper_backed_event_loop.cpp, there is a possible way to corrupt memory due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-243362981 | ||||
CVE-2023-20937 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257443051References: Upstream kernel | ||||
CVE-2023-20934 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
In resolveAttributionSource of ServiceUtilities.cpp, there is a possible way to disable the microphone privacy indicator due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-258672042 | ||||
CVE-2023-20933 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-245860753 | ||||
CVE-2023-20932 | 1 Google | 1 Android | 2025-03-21 | 3.3 Low |
In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-248251018 | ||||
CVE-2022-20551 | 1 Google | 1 Android | 2025-03-21 | 6.7 Medium |
In createTrack of AudioFlinger.cpp, there is a possible way to record audio without a privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-243376549 | ||||
CVE-2022-20481 | 1 Google | 1 Android | 2025-03-21 | 5.5 Medium |
In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241927115 | ||||
CVE-2022-20455 | 1 Google | 1 Android | 2025-03-21 | 5.5 Medium |
In addAutomaticZenRule of ZenModeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242537431 | ||||
CVE-2024-9956 | 1 Google | 2 Android, Chrome | 2025-03-20 | 7.8 High |
Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |