Lucene search
K

750 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.8 views

CVE-2023-21110

In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS6.8AI score0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.6 views

CVE-2023-21098

In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score0.00101EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.4 views

CVE-2023-21093

In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.7AI score0.00101EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.5 views

CVE-2023-21097

In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

7.8CVSS6.9AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.4 views

CVE-2023-21089

In startInstrumentation of ActivityManagerService.java, there is a possible way to keep the foreground service alive while the app is in the background. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.7AI score0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.5 views

CVE-2023-21082

In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...

5.5CVSS5.5AI score0.00082EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.5 views

CVE-2023-20993

In multiple functions of SnoozeHelper.java, there is a possible failure to persist settings due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS6.8AI score0.00095EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.4 views

CVE-2023-20967

In avdtscbhdlpktnofrag of avdtscbact.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

7.8CVSS6.8AI score0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.5 views

CVE-2023-20963

In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519...

7.8CVSS6.8AI score0.01445EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.5 views

CVE-2023-20950

In AlarmManagerActivity of AlarmManagerActivity.java, there is a possible way to bypass background activity launch restrictions via a pendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00084EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.6 views

CVE-2023-20943

In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

7.8CVSS6.7AI score0.00184EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.6 views

CVE-2023-20932

In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

3.3CVSS5.4AI score0.00107EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.3 views

CVE-2023-20931

In avdtscbhdlwritereq of avdtscbact.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

7.8CVSS7.1AI score0.00097EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:6 a.m.5 views

CVE-2023-20917

In onTargetSelected of ResolverActivity.java, there is a possible way to share a wrong file due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS6.8AI score0.00124EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:3 a.m.3 views

CVE-2023-21124

In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

7.8CVSS6.8AI score0.00105EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.5 views

CVE-2023-21144

In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.5CVSS6.6AI score0.00741EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:39 a.m.1 views

CVE-2023-21143

In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.5CVSS6AI score0.00085EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:25 a.m.3 views

CVE-2023-21099

In multiple methods of PackageInstallerSession.java, there is a possible way to start foreground services from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00095EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:36 p.m.6 views

CVE-2022-20492

In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6.8AI score0.00269EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:36 p.m.4 views

CVE-2022-20485

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6.8AI score0.0012EPSS
Exploits0References1
Rows per page
Query Builder