Filtered by vendor Google
Subscribe
Total
13548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21060 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
|
In sms_GetTpPiIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-253770924References: N/A
|
|||||
| CVE-2023-21059 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
|
In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-247564044References: N/A
|
|||||
| CVE-2023-21058 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In lcsm_SendRrAcquiAssist of lcsm_bcm_assist.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-246169606References: N/A
|
|||||
| CVE-2023-20994 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In _ufdt_output_property_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259062118
|
|||||
| CVE-2023-20992 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.5 MEDIUM |
|
In on_iso_link_quality_read of btm_iso_impl.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568750
|
|||||
| CVE-2023-20991 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_ble_process_periodic_adv_sync_lost_evt of ble_scanner_hci_interface.cc , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255305114
|
|||||
| CVE-2023-20990 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568354
|
|||||
| CVE-2023-20987 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.5 MEDIUM |
|
In btm_read_link_quality_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569414
|
|||||
| CVE-2023-20986 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_ble_clear_resolving_list_completecomplete of btm_ble_privacy.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255304475
|
|||||
| CVE-2023-20985 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In BTA_GATTS_HandleValueIndication of bta_gatts_api.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245915315
|
|||||
| CVE-2023-20984 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In ParseBqrLinkQualityEvt of btif_bqr.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242993878
|
|||||
| CVE-2023-20983 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569449
|
|||||
| CVE-2023-20982 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btm_read_tx_power_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568083
|
|||||
| CVE-2023-20981 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In btu_ble_rc_param_req_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-256165737
|
|||||
| CVE-2023-20980 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In btu_ble_ll_conn_param_upd_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260230274
|
|||||
| CVE-2023-20965 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-20942 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-20938 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel
|
|||||
| CVE-2023-20918 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
|
In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-20851 | 2 Google, Mediatek | 2 Android, Mt8188 | 2024-11-21 | N/A | 6.3 MEDIUM |
|
In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08048635; Issue ID: ALPS08048635.
|
|||||
| CVE-2023-20850 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.
|
|||||
| CVE-2023-20849 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350.
|
|||||
| CVE-2023-20848 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433.
|
|||||
| CVE-2023-20847 | 4 Google, Linux, Linuxfoundation and 1 more | 11 Android, Linux Kernel, Yocto and 8 more | 2024-11-21 | N/A | 4.2 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108.
|
|||||
| CVE-2023-20846 | 4 Google, Linux, Linuxfoundation and 1 more | 11 Android, Linux Kernel, Yocto and 8 more | 2024-11-21 | N/A | 4.2 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098.
|
|||||
| CVE-2023-20845 | 4 Google, Linux, Linuxfoundation and 1 more | 10 Android, Linux Kernel, Yocto and 7 more | 2024-11-21 | N/A | 4.2 MEDIUM |
|
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357.
|
|||||
| CVE-2023-20844 | 4 Google, Linux, Linuxfoundation and 1 more | 11 Android, Linux Kernel, Yocto and 8 more | 2024-11-21 | N/A | 4.2 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354058; Issue ID: ALPS07340121.
|
|||||
| CVE-2023-20843 | 4 Google, Linux, Linuxfoundation and 1 more | 11 Android, Linux Kernel, Yocto and 8 more | 2024-11-21 | N/A | 4.2 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119.
|
|||||
| CVE-2023-20842 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477.
|
|||||
| CVE-2023-20841 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441.
|
|||||
| CVE-2023-20840 | 4 Google, Linux, Linuxfoundation and 1 more | 10 Android, Linux Kernel, Yocto and 7 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430.
|
|||||
| CVE-2023-20839 | 4 Google, Linux, Linuxfoundation and 1 more | 12 Android, Linux Kernel, Yocto and 9 more | 2024-11-21 | N/A | 4.2 MEDIUM |
|
In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409.
|
|||||
| CVE-2023-20838 | 4 Google, Linux, Linuxfoundation and 1 more | 42 Android, Linux Kernel, Yocto and 39 more | 2024-11-21 | N/A | 4.0 MEDIUM |
|
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418.
|
|||||
| CVE-2023-20837 | 2 Google, Mediatek | 18 Android, Mt6779, Mt6781 and 15 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In seninf, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07992786; Issue ID: ALPS07992786.
|
|||||
| CVE-2023-20836 | 2 Google, Mediatek | 15 Android, Mt6762, Mt6765 and 12 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In camsys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505629; Issue ID: ALPS07505629.
|
|||||
| CVE-2023-20835 | 3 Google, Linuxfoundation, Mediatek | 9 Android, Yocto, Iot Yocto and 6 more | 2024-11-21 | N/A | 6.4 MEDIUM |
|
In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570.
|
|||||
| CVE-2023-20834 | 2 Google, Mediatek | 11 Android, Mt6879, Mt6886 and 8 more | 2024-11-21 | N/A | 6.4 MEDIUM |
|
In pda, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608514; Issue ID: ALPS07608514.
|
|||||
| CVE-2023-20833 | 2 Google, Mediatek | 56 Android, Mt6580, Mt6731 and 53 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764.
|
|||||
| CVE-2023-20832 | 5 Google, Linuxfoundation, Mediatek and 2 more | 40 Android, Yocto, Mt2735 and 37 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530.
|
|||||
| CVE-2023-20831 | 5 Google, Linuxfoundation, Mediatek and 2 more | 39 Android, Yocto, Mt2735 and 36 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014162.
|
|||||