3721 matches found
CVE-2023-21036
The CVE-2023-21036 issue affects Google Pixel devices' Markup tool (BitmapExport.java) where a logic error prevents proper truncation of image data after edits, potentially leaving remnants of the original image in cropped/edited PNGs. Public sources (NVD/NVD entry, CVE lists) describe a local, p...
CVE-2023-21036
In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A...
CVE-2023-21073
In rttunpackxtlvcbfn of dhdrtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2023-21072
In rttunpackxtlvcbfn of dhdrtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
PT-2023-17831 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to an incorrect bounds check in the append to params function of param util.c, which could lead to a possible out of bounds write. This might result in local escalation of privilege without...
CVE-2022-42498
In Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2023-21038
In cs40l2xcptriggerqueueshow of cs40l2x.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
SUSE CVE-2022-20567
In pppol2tpcreate of l2tpppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2023-20938
In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2023-20938
In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
DEBIAN-CVE-2023-20938
In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
UBUNTU-CVE-2023-20937
In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2023-20938
In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
Input validation
In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
UBUNTU-CVE-2023-20938
In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2023-20938
In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2023-20937
In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
K19473400: Linux Kernel vulnerability CVE-2018-9516
Security Advisory Description In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5874-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5874-1 advisory. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. ...
SUSE CVE-2015-9016
In blkmqtagtorq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blkmqcompleterequest. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046...