Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7841 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-35693 | 1 Google | 1 Android | 2024-08-02 | 6.7 Medium |
In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35687 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35679 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In MtpPropertyValue of MtpProperty.h, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
CVE-2023-35666 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35691 | 1 Google | 1 Android | 2024-08-02 | 7.2 High |
there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35677 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service (factory reset or continuous locking) with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35671 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35664 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35667 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35670 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35658 | 1 Google | 1 Android | 2024-08-02 | 8.8 High |
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-35681 | 1 Google | 1 Android | 2024-08-02 | 9.8 Critical |
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-33906 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 5.5 Medium |
In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges | ||||
CVE-2023-33900 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 5.5 Medium |
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
CVE-2023-33884 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 5.5 Medium |
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
CVE-2023-33891 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 5.5 Medium |
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
CVE-2023-33893 | 2 Google, Unisoc | 14 Android, S8002, Sc7731e and 11 more | 2024-08-02 | 5.5 Medium |
In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
CVE-2023-33915 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-08-02 | 7.5 High |
In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed | ||||
CVE-2023-33908 | 2 Google, Unisoc | 13 Android, S8000, Sc9832e and 10 more | 2024-08-02 | 5.5 Medium |
In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | ||||
CVE-2023-33896 | 2 Google, Unisoc | 14 Android, S8005, Sc7731e and 11 more | 2024-08-02 | 4.4 Medium |
In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. |