U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Search Type: Search All
  • CPE Product: cpe:/::android
There are 7,951 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2023-48344

In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

Published: January 17, 2024; 10:15:57 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-48343

In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

Published: January 17, 2024; 10:15:57 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-48342

In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: January 17, 2024; 10:15:57 PM -0500
V3.1: 4.4 MEDIUM
V2.0:(not available)
CVE-2023-48341

In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

Published: January 17, 2024; 10:15:57 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-48340

In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

Published: January 17, 2024; 10:15:57 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-48339

In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed

Published: January 17, 2024; 10:15:57 PM -0500
V3.1: 4.4 MEDIUM
V2.0:(not available)
CVE-2024-20806

Improper access control in Notification service prior to SMR Jan-2024 Release 1 allows local attacker to access notification data.

Published: January 03, 2024; 8:15:09 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-20805

Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file.

Published: January 03, 2024; 8:15:09 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file.

Published: January 03, 2024; 8:15:09 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2024-20803

Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.

Published: January 03, 2024; 8:15:09 PM -0500
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-4164

There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed.

Published: January 02, 2024; 5:15:08 PM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-32891

In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.

Published: January 01, 2024; 10:15:08 PM -0500
V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32889

In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895).

Published: January 01, 2024; 10:15:08 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-32885

In display drm, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780685; Issue ID: ALPS07780685.

Published: January 01, 2024; 10:15:08 PM -0500
V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32884

In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011.

Published: January 01, 2024; 10:15:08 PM -0500
V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32883

In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249.

Published: January 01, 2024; 10:15:08 PM -0500
V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32882

In battery, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308616.

Published: January 01, 2024; 10:15:08 PM -0500
V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32881

In battery, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308080.

Published: January 01, 2024; 10:15:08 PM -0500
V3.1: 4.4 MEDIUM
V2.0:(not available)
CVE-2023-32880

In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076.

Published: January 01, 2024; 10:15:08 PM -0500
V3.1: 4.4 MEDIUM
V2.0:(not available)
CVE-2023-32879

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308064.

Published: January 01, 2024; 10:15:08 PM -0500
V3.1: 6.7 MEDIUM
V2.0:(not available)