Search Results (Refine Search)
- Results Type: Overview
- Search Type: Search All
- CPE Product: cpe:/::android
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-48344 |
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed Published: January 17, 2024; 10:15:57 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-48343 |
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed Published: January 17, 2024; 10:15:57 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-48342 |
In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed Published: January 17, 2024; 10:15:57 PM -0500 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-48341 |
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed Published: January 17, 2024; 10:15:57 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-48340 |
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed Published: January 17, 2024; 10:15:57 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-48339 |
In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed Published: January 17, 2024; 10:15:57 PM -0500 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2024-20806 |
Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data. Published: January 03, 2024; 8:15:09 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-20805 |
Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file. Published: January 03, 2024; 8:15:09 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-20804 |
Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file. Published: January 03, 2024; 8:15:09 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2024-20803 |
Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction. Published: January 03, 2024; 8:15:09 PM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-4164 |
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed. Published: January 02, 2024; 5:15:08 PM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-32891 |
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. Published: January 01, 2024; 10:15:08 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32889 |
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895). Published: January 01, 2024; 10:15:08 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-32885 |
In display drm, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780685; Issue ID: ALPS07780685. Published: January 01, 2024; 10:15:08 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32884 |
In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011. Published: January 01, 2024; 10:15:08 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32883 |
In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249. Published: January 01, 2024; 10:15:08 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32882 |
In battery, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308616. Published: January 01, 2024; 10:15:08 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32881 |
In battery, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308080. Published: January 01, 2024; 10:15:08 PM -0500 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-32880 |
In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076. Published: January 01, 2024; 10:15:08 PM -0500 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-32879 |
In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308064. Published: January 01, 2024; 10:15:08 PM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |