Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Android
Total 7819 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-9412 1 Google 1 Android 2024-12-05 N/A 5.5 MEDIUM
In removeUnsynchronization of ID3.cpp there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2023-21187 1 Google 1 Android 2024-12-05 N/A 7.8 HIGH
In onCreate of UsbAccessoryUriActivity.java, there is a possible way to escape the Setup Wizard due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246542917
CVE-2023-21176 1 Google 1 Android 2024-12-05 N/A 4.4 MEDIUM
In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222287335
CVE-2023-21175 1 Google 1 Android 2024-12-05 N/A 7.8 HIGH
In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262243574
CVE-2023-21206 1 Google 1 Android 2024-12-04 N/A 4.4 MEDIUM
In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245630
CVE-2023-21200 1 Google 1 Android 2024-12-04 N/A 5.5 MEDIUM
In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236688764
CVE-2023-21199 1 Google 1 Android 2024-12-04 N/A 4.4 MEDIUM
In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961
CVE-2023-21208 1 Google 1 Android 2024-12-04 N/A 4.4 MEDIUM
In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245254
CVE-2023-40093 1 Google 1 Android 2024-12-03 N/A 5.5 MEDIUM
In multiple files, there is a possible way that trimmed content could be included in PDF output due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-52345 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-12-03 N/A 6.0 MEDIUM
In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed
CVE-2024-0037 1 Google 1 Android 2024-12-03 N/A 3.3 LOW
In applyCustomDescription of SaveUi.java, there is a possible way to view images belonging to a different user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-32896 1 Google 1 Android 2024-11-29 N/A 7.8 HIGH
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2024-29748 1 Google 2 Android, Pixel 2024-11-29 N/A 7.8 HIGH
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2024-29745 1 Google 1 Android 2024-11-29 N/A 5.5 MEDIUM
there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-52536 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-27 N/A 4.4 MEDIUM
In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2023-52352 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-27 N/A 5.5 MEDIUM
In Network Adapter Service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed
CVE-2023-52350 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-27 N/A 4.4 MEDIUM
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2023-52349 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-27 N/A 4.4 MEDIUM
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2023-33905 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2024-11-27 N/A 4.4 MEDIUM
In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2023-40122 1 Google 1 Android 2024-11-26 N/A 3.3 LOW
In applyCustomDescription of SaveUi.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.