Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7841 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-21234 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In launchConfirmationActivity of ChooseLockSettingsHelper.java, there is a possible way to enable developer options without the lockscreen PIN due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21263 | 1 Google | 1 Android | 2024-08-02 | 9.8 Critical |
In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21211 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In multiple files, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262235998 | ||||
CVE-2023-21241 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21274 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21247 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In getAvailabilityStatus of BluetoothScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21220 | 1 Google | 1 Android | 2024-08-02 | 7.5 High |
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264590585References: N/A | ||||
CVE-2023-21205 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245376 | ||||
CVE-2023-21208 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245254 | ||||
CVE-2023-21250 | 1 Google | 1 Android | 2024-08-02 | 9.8 Critical |
In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21229 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In registerServiceLocked of ManagedServices.java, there is a possible bypass of background activity launch restrictions due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21264 | 1 Google | 1 Android | 2024-08-02 | 6.7 Medium |
In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21271 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In parseInputs of ShimPreparedModel.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21232 | 1 Google | 1 Android | 2024-08-02 | 3.3 Low |
In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21215 | 1 Google | 1 Android | 2024-08-02 | 9.8 Critical |
In DevmemIntAcquireRemoteCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21228 | 1 Google | 1 Android | 2024-08-02 | 9.8 Critical |
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21249 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21240 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21246 | 1 Google | 1 Android | 2024-08-02 | 3.3 Low |
In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21269 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |