Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7841 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-30918 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 5.5 Medium |
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
CVE-2023-30935 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 5.5 Medium |
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
CVE-2023-30863 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 7.8 High |
In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | ||||
CVE-2023-30866 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 5.5 Medium |
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | ||||
CVE-2023-30864 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 7.8 High |
In Connectivity Service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges. | ||||
CVE-2023-30730 | 2 Google, Samsung | 2 Android, Camera | 2024-08-02 | 3.3 Low |
Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file. | ||||
CVE-2023-30678 | 2 Google, Samsung | 2 Android, Calendar | 2024-08-02 | 5.1 Medium |
Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file. | ||||
CVE-2023-23374 | 2 Google, Microsoft | 3 Android, Edge, Edge Chromium | 2024-08-02 | 8.3 High |
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | ||||
CVE-2023-21419 | 1 Google | 1 Android | 2024-08-02 | 4.3 Medium |
An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition. | ||||
CVE-2023-21463 | 2 Google, Samsung | 2 Android, Myfiles | 2024-08-02 | 4 Medium |
Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions. | ||||
CVE-2023-21399 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
there is a possible way to bypass cryptographic assurances due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21462 | 2 Google, Samsung | 2 Android, Quick Share | 2024-08-02 | 4.2 Medium |
The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission. | ||||
CVE-2023-21464 | 2 Google, Samsung | 2 Android, Calendar | 2024-08-02 | 4 Medium |
Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status. | ||||
CVE-2023-21401 | 1 Google | 1 Android | 2024-08-02 | 9.8 Critical |
In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21400 | 2 Debian, Google | 2 Debian Linux, Android | 2024-08-02 | 6.7 Medium |
In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21402 | 1 Google | 1 Android | 2024-08-02 | 9.8 Critical |
In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21403 | 1 Google | 1 Android | 2024-08-02 | 9.8 Critical |
In RGXDestroyZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21395 | 1 Google | 1 Android | 2024-08-02 | 6.5 Medium |
In Bluetooth, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21392 | 1 Google | 1 Android | 2024-08-02 | 8.8 High |
In Bluetooth, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege when connecting to a Bluetooth device with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21380 | 1 Google | 1 Android | 2024-08-02 | 6.7 Medium |
In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. |