Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-21298 |
In Slice, there is a possible disclosure of installed applications due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 30, 2023; 1:15:47 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-21297 |
In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Published: October 30, 2023; 1:15:47 PM -0400 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-21296 |
In Permission, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Published: October 30, 2023; 1:15:47 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-21295 |
In SliceManagerService, there is a possible way to check if a content provider is installed due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 30, 2023; 1:15:47 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-21294 |
In Slice, there is a possible disclosure of installed packages due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 30, 2023; 1:15:47 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-21293 |
In PackageManagerNative, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 30, 2023; 1:15:47 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-20264 |
In Usage Stats Service, there is a possible way to determine whether an app is installed, without query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 30, 2023; 1:15:47 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2021-39810 |
In NFC, there is a possible way to setup a default contactless payment app without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 30, 2023; 1:15:47 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-35663 |
In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 18, 2023; 4:15:08 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-35656 |
In multiple functions of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 18, 2023; 4:15:08 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-3781 |
there is a possible use-after-free write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 11, 2023; 5:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-40142 |
In TBD of TBD, there is a possible way to bypass carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 11, 2023; 4:15:10 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-40141 |
In temp_residency_name_store of thermal_metrics.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 11, 2023; 4:15:10 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-35662 |
there is a possible out of bounds write due to buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 11, 2023; 4:15:10 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-35661 |
In ProfSixDecomTcpSACKoption of RohcPacketCommon.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Published: October 11, 2023; 4:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-35660 |
In lwis_transaction_client_cleanup of lwis_transaction.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Published: October 11, 2023; 4:15:10 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-35655 |
In CanConvertPadV2Op of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Published: October 11, 2023; 4:15:10 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-35654 |
In ctrl_roi of stmvl53l1_module.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Published: October 11, 2023; 4:15:10 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-35653 |
In TBD of TBD, there is a possible way to access location information due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Published: October 11, 2023; 4:15:10 PM -0400 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-35652 |
In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. Published: October 11, 2023; 4:15:10 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |