Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7841 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-21110 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258422365 | ||||
CVE-2023-21148 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing null check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-263783657References: N/A | ||||
CVE-2023-21103 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622 | ||||
CVE-2023-21160 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In BuildSetTcsFci of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-263784118References: N/A | ||||
CVE-2023-21082 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-257030107 | ||||
CVE-2023-21168 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In convertCbYCrY of ColorConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-253270285 | ||||
CVE-2023-21197 | 1 Google | 1 Android | 2024-08-02 | 7.5 High |
In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251427561 | ||||
CVE-2023-21181 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-264880969 | ||||
CVE-2023-21156 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In BuildGetRadioNode of protocolmiscbulider.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the modem with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264540759References: N/A | ||||
CVE-2023-21191 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In fixNotification of NotificationManagerService.java, there is a possible bypass of notification hide preference due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-269738057 | ||||
CVE-2023-21140 | 1 Google | 1 Android | 2024-08-02 | 6.8 Medium |
In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-21084 | 1 Google | 1 Android | 2024-08-02 | 6.7 Medium |
In buildPropFile of filesystem.go, there is a possible insecure hash due to an improperly used crypto. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262892300 | ||||
CVE-2023-21184 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In getCurrentPrivilegedPackagesForAllUsers of CarrierPrivilegesTracker.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-267809568 | ||||
CVE-2023-21138 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-273260090 | ||||
CVE-2023-21152 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In FaceStatsAnalyzer::InterpolateWeightList of face_stats_analyzer.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-269174022References: N/A | ||||
CVE-2023-21158 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In encode of miscdata.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-263783635References: N/A | ||||
CVE-2023-21171 | 1 Google | 1 Android | 2024-08-02 | 6.7 Medium |
In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261085213 | ||||
CVE-2023-21127 | 1 Google | 1 Android | 2024-08-02 | 8.8 High |
In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-275418191 | ||||
CVE-2023-21089 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In startInstrumentation of ActivityManagerService.java, there is a possible way to keep the foreground service alive while the app is in the background. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-237766679 | ||||
CVE-2023-21141 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262244249 |