) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-21124 |
In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265798353 Published: June 15, 2023; 3:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-21123 |
In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-270050064 Published: June 15, 2023; 3:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-21122 |
In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-270050191 Published: June 15, 2023; 3:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-21115 |
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-258834033 Published: June 15, 2023; 3:15:09 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-21108 |
In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-239414876 Published: June 15, 2023; 3:15:09 PM -0400 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-21105 |
In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261036568 Published: June 15, 2023; 3:15:09 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-20724 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843841. Published: June 06, 2023; 9:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
| CVE-2023-20723 |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843845. Published: June 06, 2023; 9:15:11 AM -0400 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
| CVE-2023-30915 |
In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. Published: June 06, 2023; 2:15:52 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-30914 |
In email service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. Published: June 06, 2023; 2:15:51 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-30865 |
In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. Published: June 06, 2023; 2:15:51 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2022-48448 |
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. Published: June 06, 2023; 2:15:51 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2022-48447 |
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. Published: June 06, 2023; 2:15:51 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2022-48446 |
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. Published: June 06, 2023; 2:15:50 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2022-48445 |
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. Published: June 06, 2023; 2:15:50 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2022-48444 |
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. Published: June 06, 2023; 2:15:50 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2022-48443 |
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. Published: June 06, 2023; 2:15:50 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2022-48442 |
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. Published: June 06, 2023; 2:15:50 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2022-48441 |
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. Published: June 06, 2023; 2:15:50 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2022-48440 |
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges. Published: June 06, 2023; 2:15:50 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |