Total
8912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21101 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.0 HIGH |
|
In multiple functions of WVDrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-258189255
|
|||||
| CVE-2023-21095 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.7 MEDIUM |
|
In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-242704576
|
|||||
| CVE-2023-21078 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254840211References: N/A
|
|||||
| CVE-2023-21077 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257289560References: N/A
|
|||||
| CVE-2023-21076 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-261857623References: N/A
|
|||||
| CVE-2023-21075 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In get_svc_hash of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-261857862References: N/A
|
|||||
| CVE-2023-21073 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257290396References: N/A
|
|||||
| CVE-2023-21072 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257290781References: N/A
|
|||||
| CVE-2023-21071 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In dhd_prot_ioctcmplt_process of dhd_msgbuf.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254028518References: N/A
|
|||||
| CVE-2023-21070 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In add_roam_cache_list of wl_roam.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254028776References: N/A
|
|||||
| CVE-2023-21069 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In wl_update_hidden_ap_ie of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254029309References: N/A
|
|||||
| CVE-2023-21066 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-250100597References: N/A
|
|||||
| CVE-2023-21065 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630493References: N/A
|
|||||
| CVE-2023-21064 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In DoSetPinControl of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130078References: N/A
|
|||||
| CVE-2023-21063 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In ParseWithAuthType of simdata.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243129862References: N/A
|
|||||
| CVE-2023-21062 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In DoSetTempEcc of imsservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243376770References: N/A
|
|||||
| CVE-2023-21060 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
|
In sms_GetTpPiIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-253770924References: N/A
|
|||||
| CVE-2023-21059 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
|
In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-247564044References: N/A
|
|||||
| CVE-2023-21058 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In lcsm_SendRrAcquiAssist of lcsm_bcm_assist.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-246169606References: N/A
|
|||||
| CVE-2023-20994 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In _ufdt_output_property_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259062118
|
|||||
| CVE-2023-20992 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.5 MEDIUM |
|
In on_iso_link_quality_read of btm_iso_impl.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568750
|
|||||
| CVE-2023-20991 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_ble_process_periodic_adv_sync_lost_evt of ble_scanner_hci_interface.cc , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255305114
|
|||||
| CVE-2023-20990 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568354
|
|||||
| CVE-2023-20987 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.5 MEDIUM |
|
In btm_read_link_quality_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569414
|
|||||
| CVE-2023-20986 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_ble_clear_resolving_list_completecomplete of btm_ble_privacy.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255304475
|
|||||
| CVE-2023-20985 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In BTA_GATTS_HandleValueIndication of bta_gatts_api.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245915315
|
|||||
| CVE-2023-20984 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In ParseBqrLinkQualityEvt of btif_bqr.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242993878
|
|||||
| CVE-2023-20983 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569449
|
|||||
| CVE-2023-20982 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_read_tx_power_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568083
|
|||||
| CVE-2023-20981 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btu_ble_rc_param_req_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-256165737
|
|||||
| CVE-2023-20980 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In btu_ble_ll_conn_param_upd_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260230274
|
|||||
| CVE-2023-20965 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-20942 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-20938 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel
|
|||||
| CVE-2023-20918 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-20851 | 2 Google, Mediatek | 2 Android, Mt8188 | 2024-11-21 | N/A | 6.3 MEDIUM |
|
In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08048635; Issue ID: ALPS08048635.
|
|||||
| CVE-2023-20850 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.
|
|||||
| CVE-2023-20849 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350.
|
|||||
| CVE-2023-20848 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433.
|
|||||
| CVE-2023-20847 | 4 Google, Linux, Linuxfoundation and 1 more | 11 Android, Linux Kernel, Yocto and 8 more | 2024-11-21 | N/A | 4.2 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108.
|
|||||