Filtered by vendor Google
Subscriptions
Total
12084 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-21024 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In maybeFinish of FallbackHome.java, there is a possible delay of lockdown screen due to logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246543238 | ||||
CVE-2023-21016 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In AccountTypePreference of AccountTypePreference.java, there is a possible way to mislead the user about accounts installed on the device due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-213905884 | ||||
CVE-2023-21041 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In append_to_params of param_util.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-250123688References: N/A | ||||
CVE-2023-20997 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246749702 | ||||
CVE-2023-21035 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-184847040 | ||||
CVE-2023-21067 | 1 Google | 1 Android | 2024-08-02 | 7.5 High |
Product: AndroidVersions: Android kernelAndroid ID: A-254114726References: N/A | ||||
CVE-2023-20991 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In btm_ble_process_periodic_adv_sync_lost_evt of ble_scanner_hci_interface.cc , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255305114 | ||||
CVE-2023-20988 | 1 Google | 1 Android | 2024-08-02 | 4.5 Medium |
In btm_read_rssi_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569232 | ||||
CVE-2023-20993 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In multiple functions of SnoozeHelper.java, there is a possible failure to persist settings due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261588851 | ||||
CVE-2023-20990 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568354 | ||||
CVE-2023-21007 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029965 | ||||
CVE-2023-21019 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
In ih264e_init_proc_ctxt of ih264e_process.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242379731 | ||||
CVE-2023-21039 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In dumpstateBoard of Dumpstate.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-263783650References: N/A | ||||
CVE-2023-21020 | 1 Google | 1 Android | 2024-08-02 | 6.7 Medium |
In registerSignalHandlers of main.c, there is a possible local arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-256591441 | ||||
CVE-2023-21017 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In InstallStart of InstallStart.java, there is a possible way to change the installer package name due to an improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236687884 | ||||
CVE-2023-21011 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029912 | ||||
CVE-2023-21013 | 1 Google | 1 Android | 2024-08-02 | 4.4 Medium |
In forceStaDisconnection of hostapd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-256818945 | ||||
CVE-2023-21064 | 1 Google | 1 Android | 2024-08-02 | 6.7 Medium |
In DoSetPinControl of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130078References: N/A | ||||
CVE-2023-21005 | 1 Google | 1 Android | 2024-08-02 | 7.8 High |
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261193946 | ||||
CVE-2023-21027 | 1 Google | 1 Android | 2024-08-02 | 7.5 High |
In multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-216854451 |