U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 2,174 matching records.
Displaying matches 241 through 260.
Vuln ID Summary CVSS Severity
CVE-2023-40642

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: October 08, 2023; 12:15:57 AM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-40641

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: October 08, 2023; 12:15:57 AM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-40637

In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

Published: October 08, 2023; 12:15:56 AM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-40634

In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: October 08, 2023; 12:15:56 AM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-40633

In phasecheckserver, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: October 08, 2023; 12:15:56 AM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-40631

In Dialer, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed

Published: October 08, 2023; 12:15:55 AM -0400 		V4.0:(not available)
 V3.1: 4.4 MEDIUM
V2.0:(not available)
CVE-2023-21291

In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

Published: October 06, 2023; 3:15:12 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-21266

In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: October 06, 2023; 3:15:12 PM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-21253

In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: October 06, 2023; 3:15:12 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-21252

In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: October 06, 2023; 3:15:12 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-21244

In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Published: October 06, 2023; 3:15:12 PM -0400 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32829

In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478.

Published: October 01, 2023; 11:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32828

In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767817; Issue ID: ALPS07767817.

Published: October 01, 2023; 11:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32827

In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539.

Published: October 01, 2023; 11:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32826

In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544.

Published: October 01, 2023; 11:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32824

In rpmb , there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912961.

Published: October 01, 2023; 11:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32823

In rpmb , there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912966.

Published: October 01, 2023; 11:15:09 PM -0400 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32822

In ftm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07994229; Issue ID: ALPS07994229.

Published: October 01, 2023; 11:15:09 PM -0400 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32821

In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433.

Published: October 01, 2023; 11:15:09 PM -0400 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32820

In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.

Published: October 01, 2023; 11:15:09 PM -0400 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0:(not available)