Total
8912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40648 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-40647 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-40646 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-40645 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-40644 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-40643 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-40642 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-40641 | 2 Google, Unisoc | 2 Android, Sc9863a | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-40640 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
|
|||||
| CVE-2023-40639 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
|
|||||
| CVE-2023-40638 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In Telecom service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed
|
|||||
| CVE-2023-40637 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
|
|||||
| CVE-2023-40636 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with System execution privileges needed
|
|||||
| CVE-2023-40635 | 2 Google, Unisoc | 11 Android, S8000, Sc9863a and 8 more | 2024-11-21 | N/A | 7.8 HIGH |
|
In linkturbo, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
|
|||||
| CVE-2023-40634 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 7.8 HIGH |
|
In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
|
|||||
| CVE-2023-40633 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In phasecheckserver, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
|
|||||
| CVE-2023-40632 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
|
In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed
|
|||||
| CVE-2023-40631 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In Dialer, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed
|
|||||
| CVE-2023-40142 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In TBD of TBD, there is a possible way to bypass carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40141 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In temp_residency_name_store of thermal_metrics.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40140 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40139 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40138 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40137 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In multiple functions of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40136 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In setHeader of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40135 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In applyCustomDescription of SaveUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40134 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In isFullScreen of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40133 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In multiple locations of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40129 | 1 Google | 1 Android | 2024-11-21 | N/A | 8.8 HIGH |
|
In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40128 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In several functions of xmlregexp.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40127 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In multiple locations, there is a possible way to access screenshots due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40123 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In updateActionViews of PipMenuView.java, there is a possible bypass of a multi user security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40121 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40103 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In multiple locations, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40101 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In collapse of canonicalize_md.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40098 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In mOnDone of NotificationConversationInfo.java, there is a possible way to access app notification data of another user due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40097 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
|
|||||
| CVE-2023-40096 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40095 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-40094 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||