Total
7819 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-9412 | 1 Google | 1 Android | 2024-12-05 | N/A | 5.5 MEDIUM |
In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
CVE-2023-21187 | 1 Google | 1 Android | 2024-12-05 | N/A | 7.8 HIGH |
In onCreate of UsbAccessoryUriActivity.java, there is a possible way to escape the Setup Wizard due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246542917 | |||||
CVE-2023-21176 | 1 Google | 1 Android | 2024-12-05 | N/A | 4.4 MEDIUM |
In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222287335 | |||||
CVE-2023-21175 | 1 Google | 1 Android | 2024-12-05 | N/A | 7.8 HIGH |
In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262243574 | |||||
CVE-2023-21206 | 1 Google | 1 Android | 2024-12-04 | N/A | 4.4 MEDIUM |
In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245630 | |||||
CVE-2023-21200 | 1 Google | 1 Android | 2024-12-04 | N/A | 5.5 MEDIUM |
In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236688764 | |||||
CVE-2023-21199 | 1 Google | 1 Android | 2024-12-04 | N/A | 4.4 MEDIUM |
In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961 | |||||
CVE-2023-21208 | 1 Google | 1 Android | 2024-12-04 | N/A | 4.4 MEDIUM |
In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245254 | |||||
CVE-2023-40093 | 1 Google | 1 Android | 2024-12-03 | N/A | 5.5 MEDIUM |
In multiple files, there is a possible way that trimmed content could be included in PDF output due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-52345 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-12-03 | N/A | 6.0 MEDIUM |
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed | |||||
CVE-2024-0037 | 1 Google | 1 Android | 2024-12-03 | N/A | 3.3 LOW |
In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-32896 | 1 Google | 1 Android | 2024-11-29 | N/A | 7.8 HIGH |
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
CVE-2024-29748 | 1 Google | 2 Android, Pixel | 2024-11-29 | N/A | 7.8 HIGH |
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
CVE-2024-29745 | 1 Google | 1 Android | 2024-11-29 | N/A | 5.5 MEDIUM |
there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-52536 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 4.4 MEDIUM |
In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-52352 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 5.5 MEDIUM |
In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed | |||||
CVE-2023-52350 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 4.4 MEDIUM |
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-52349 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 4.4 MEDIUM |
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-33905 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-27 | N/A | 4.4 MEDIUM |
In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | |||||
CVE-2023-40122 | 1 Google | 1 Android | 2024-11-26 | N/A | 3.3 LOW |
In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |