Lucene search
K

850 matches found

NVD
NVD
added 2023/06/15 7:15 p.m.18 views

CVE-2023-21105

In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

5.5CVSS5.1AI score0.00103EPSS
Exploits0References1
NVD
NVD
added 2023/06/15 7:15 p.m.20 views

CVE-2023-21115

In btmsecencryptchange of btmsec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

8.8CVSS8.7AI score0.00105EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/15 7:15 p.m.2 views

CVE-2023-21128

In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.2AI score0.0009EPSS
Exploits0References2
NVD
NVD
added 2023/06/15 7:15 p.m.19 views

CVE-2023-21135

In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.8AI score0.00093EPSS
Exploits0References1
NVD
NVD
added 2023/06/15 7:15 p.m.33 views

CVE-2023-21131

In checkKeyIntentParceledCorrectly of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution...

7.8CVSS7.8AI score0.0009EPSS
Exploits0References1
NVD
NVD
added 2023/06/15 7:15 p.m.18 views

CVE-2023-21127

In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

8.8CVSS8.9AI score0.0047EPSS
Exploits0References1
NVD
NVD
added 2023/06/15 7:15 p.m.22 views

CVE-2023-21129

In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible activity launch while the app is in the background due to a BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed fo...

7.8CVSS7.7AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2023/06/15 7:15 p.m.18 views

CVE-2023-21108

In sdpubuilduuidseq of sdpdiscovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

8.8CVSS8.9AI score0.00239EPSS
Exploits0References1
NVD
NVD
added 2023/06/15 7:15 p.m.33 views

CVE-2023-21095

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

4.7CVSS4.8AI score0.00064EPSS
Exploits0References1
NVD
NVD
added 2023/06/15 7:15 p.m.21 views

CVE-2023-21124

In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

7.8CVSS7.8AI score0.00105EPSS
Exploits0References1
NVD
NVD
added 2023/06/15 7:15 p.m.37 views

CVE-2023-21128

In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.7AI score0.0009EPSS
Exploits0References1
Prion
Prion
added 2023/06/15 7:15 p.m.14 views

Design/Logic Flaw

In several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Androi...

1.7CVSS5.3AI score0.00118EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/15 7:15 p.m.15 views

Input validation

In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

1.7CVSS5.3AI score0.00107EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/15 7:15 p.m.17 views

Information disclosure

In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

1.7CVSS5.1AI score0.00083EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/15 7:15 p.m.18 views

Input validation

In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

4.3CVSS7.7AI score0.00093EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/15 7:15 p.m.13 views

Out-of-bounds

In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

6.8CVSS8.8AI score0.0047EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/15 7:15 p.m.15 views

Information disclosure

In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

1.7CVSS5.1AI score0.00083EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/15 7:15 p.m.16 views

Input validation

In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for...

4.3CVSS7.6AI score0.00083EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/15 7:15 p.m.22 views

Design/Logic Flaw

In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5CVSS7.5AI score0.00741EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/06/15 7:15 p.m.15 views

Design/Logic Flaw

In multiple functions of multiple files, there is a possible way to bypass the DISALLOWDEBUGGINGFEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

4.3CVSS7.7AI score0.00105EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder