12 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-21122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In various functions of various files, there is a possible way to bypass the DISALLOWDEBUGGINGFEATURES restriction for tracing due to a missing permission check...
CVE-2023-21122
In various functions of various files, there is a possible way to bypass the DISALLOWDEBUGGINGFEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
PT-2023-17930 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to improper input validation in the onNullBinding method of CallRedirectionProcessor.java, which can lead to a long-lived connection. This could result in local...
PT-2023-17899 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to a confused deputy in multiple functions of ChooserActivity.java, which could lead to a cross-user media read. This might result in local information disclosur...
PT-2023-17923 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: A logic error in the checkKeyIntentParceledCorrectly function of ActivityManagerService.java can lead to a bypass of Parcel Mismatch mitigations. This issue could result in local...
PT-2023-17936 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to improper input validation in multiple functions across several files, which can cause a device to become unusable. This can lead to a local denial of service...
CVE-2023-21094
In sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
PT-2023-17891 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: A confused deputy issue in the toUriInner function of Intent.java allows launching an arbitrary activity, potentially leading to local escalation of privilege without requiring...
PT-2023-17743 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: In the onPrepareOptionsMenu method of AppInfoDashboardFragment.java, there is a possible way to bypass admin restrictions and uninstall applications for all users due to a missing...
PT-2023-17741 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to a possible out of bounds write due to a missing bounds check in the A2DP BuildCodecHeaderSbc function of a2dp sbc.cc. This could lead to local information...
PT-2023-17713 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: A possible crash loop due to resource exhaustion exists in the setMimeGroup function of PackageManagerService.java. This issue could lead to a local denial of service with no...
VulnCheck KEV: CVE-2023-21492
Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization ASLR bypass...