Search Results (Refine Search)
- Results Type: Overview
- Search Type: Search All
- CPE Product: cpe:/::android
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-40074 |
In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:23 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-40073 |
In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:23 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-35690 |
In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:23 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-35668 |
In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:23 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-21403 |
In RGXDestroyZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:23 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21402 |
In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:23 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21401 |
In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21263 |
In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21228 |
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21227 |
In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-21218 |
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21217 |
In PMRWritePMPageList of TBD, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21216 |
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21215 |
In DevmemIntAcquireRemoteCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21166 |
In RGXBackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21164 |
In DevmemIntMapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21163 |
In PMR_ReadBytes of pmr.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21162 |
In RGXUnbackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-32870 |
In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363740; Issue ID: ALPS07363740. Published: December 03, 2023; 11:15:08 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32869 |
In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363689. Published: December 03, 2023; 11:15:08 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |