Total
7123 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42678 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 5.5 MEDIUM |
| In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-21401 | 1 Google | 1 Android | 2024-02-05 | N/A | 9.8 CRITICAL |
| In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-32878 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2024-02-05 | N/A | 4.4 MEDIUM |
| In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992. | |||||
| CVE-2022-42538 | 1 Google | 1 Android | 2024-02-05 | N/A | 9.8 CRITICAL |
| Elevation of privilege | |||||
| CVE-2023-42715 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 5.5 MEDIUM |
| In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42701 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 5.5 MEDIUM |
| In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-48353 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 4.4 MEDIUM |
| In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2022-42537 | 1 Google | 1 Android | 2024-02-05 | N/A | 9.8 CRITICAL |
| Remote code execution | |||||
| CVE-2023-42721 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-02-05 | N/A | 5.5 MEDIUM |
| In flv extractor, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2023-42722 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 6.7 MEDIUM |
| In camera service, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed | |||||
| CVE-2023-32847 | 2 Google, Mediatek | 47 Android, Mt2713, Mt6580 and 44 more | 2024-02-05 | N/A | 7.8 HIGH |
| In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940. | |||||
| CVE-2023-42684 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 4.4 MEDIUM |
| In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-48341 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 5.5 MEDIUM |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2023-48356 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 4.4 MEDIUM |
| In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-42729 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 4.4 MEDIUM |
| In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2022-48462 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 5.5 MEDIUM |
| In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2023-42689 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 7.8 HIGH |
| In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | |||||
| CVE-2022-42539 | 1 Google | 1 Android | 2024-02-05 | N/A | 7.5 HIGH |
| Information disclosure | |||||
| CVE-2023-45866 | 6 Apple, Bluproducts, Canonical and 3 more | 16 Ipad Os, Iphone Os, Iphone Se and 13 more | 2024-02-05 | N/A | 6.3 MEDIUM |
| Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. | |||||
| CVE-2023-42671 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-02-05 | N/A | 5.5 MEDIUM |
| In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||