U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 1,602 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2023-42746

In power manager, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: December 03, 2023; 8:15:11 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-42745

In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

Published: December 03, 2023; 8:15:11 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-42744

In telecom service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed

Published: December 03, 2023; 8:15:11 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-42742

In sysui, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed

Published: December 03, 2023; 8:15:11 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-42731

In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: December 03, 2023; 8:15:11 PM -0500 		V4.0:(not available)
 V3.1: 4.4 MEDIUM
V2.0:(not available)
CVE-2023-42730

In IMS service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: December 03, 2023; 8:15:11 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-42729

In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Published: December 03, 2023; 8:15:11 PM -0500 		V4.0:(not available)
 V3.1: 4.4 MEDIUM
V2.0:(not available)
CVE-2023-42699

In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: December 03, 2023; 8:15:09 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-42698

In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: December 03, 2023; 8:15:09 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-42697

In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Published: December 03, 2023; 8:15:09 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-32836

In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08126725; Issue ID: ALPS08126725.

Published: November 05, 2023; 11:15:07 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32835

In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08157918; Issue ID: ALPS08157918.

Published: November 05, 2023; 11:15:07 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32834

In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762.

Published: November 05, 2023; 11:15:07 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-32832

In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08235273.

Published: November 05, 2023; 11:15:07 PM -0500 		V4.0:(not available)
 V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2023-32825

In bluethooth service, there is a possible out of bounds reads due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07884130; Issue ID: ALPS07884130.

Published: November 05, 2023; 11:15:07 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-32818

In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08163896 & ALPS08013430; Issue ID: ALPS07867715.

Published: November 05, 2023; 11:15:07 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0:(not available)
CVE-2023-45780

In Print Service, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Published: October 30, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 7.3 HIGH
V2.0:(not available)
CVE-2023-40101

In collapse of canonicalize_md.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: October 30, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-21398

In sdksandbox, there is a possible strandhogg style overlay attack due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: October 30, 2023; 2:15:09 PM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-21397

In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Published: October 30, 2023; 2:15:09 PM -0400 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0:(not available)