Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-48408 |
In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:17 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-48407 |
there is a possible DCK won't be deleted after factory reset due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:17 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-48406 |
there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:17 AM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-48405 |
there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:17 AM -0500 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-48404 |
In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:17 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-48403 |
In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:17 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-48402 |
In ppcfw_enable of ppcfw.c, there is a possible EoP due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:16 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-48401 |
In GetSizeOfEenlRecords of protocoladapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:16 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-48399 |
In ProtocolMiscATCommandAdapter::Init() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:16 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-48398 |
In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:16 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-48397 |
In Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Published: December 08, 2023; 11:15:16 AM -0500 |
V3.1: 4.9 MEDIUM V2.0:(not available) |
CVE-2023-45779 |
In the APEX module framework of AOSP, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. More details on this can be found in the referenced links. Published: December 04, 2023; 6:15:26 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-35690 |
In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:23 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21403 |
In RGXDestroyZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:23 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21402 |
In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:23 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21401 |
In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21263 |
In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21228 |
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-21227 |
In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-21218 |
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Published: December 04, 2023; 6:15:22 PM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |