Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:google:android:10.0:-:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-52160 |
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. Published: February 22, 2024; 12:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-45866 |
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. Published: December 08, 2023; 1:15:45 AM -0500 |
V4.0:(not available) V3.1: 6.3 MEDIUM V2.0:(not available) |
CVE-2023-42695 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42694 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42693 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42692 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42690 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42689 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42688 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42687 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42686 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-42685 |
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed Published: December 03, 2023; 8:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-48464 |
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed Published: December 03, 2023; 8:15:08 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-48463 |
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed Published: December 03, 2023; 8:15:08 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-48462 |
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed Published: December 03, 2023; 8:15:08 PM -0500 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-42653 |
In faceid service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges Published: November 01, 2023; 6:15:10 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-42647 |
In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed Published: November 01, 2023; 6:15:10 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-42646 |
In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed Published: November 01, 2023; 6:15:10 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-48460 |
In setting service, there is a possible undefined behavior due to incorrect error handling. This could lead to local denial of service with no additional execution privileges needed Published: November 01, 2023; 6:15:08 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-45780 |
In Print Service, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Published: October 30, 2023; 2:15:10 PM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |