Lucene search
K

557 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.4 views

CVE-2023-21128

In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6.8AI score0.0009EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.3 views

CVE-2023-21123

In multiple functions of multiple files, there is a possible way to bypass the DISALLOWDEBUGGINGFEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.7AI score0.00105EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.5 views

CVE-2023-21108

In sdpubuilduuidseq of sdpdiscovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

8.8CVSS7.9AI score0.00239EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.6 views

CVE-2023-21107

In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

7.8CVSS6.7AI score0.00086EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.4 views

CVE-2023-21109

In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6.7AI score0.00127EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.6 views

CVE-2023-21116

In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

6.7CVSS6.6AI score0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.4 views

CVE-2023-21136

In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.5CVSS6AI score0.00107EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.4 views

CVE-2023-21098

In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score0.00101EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.3 views

CVE-2023-21096

In OnWakelockReleased of attributionprocessor.cc, there is a use after free that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-254774758...

9.8CVSS7.8AI score0.00467EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.4 views

CVE-2023-21093

In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.7AI score0.00101EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.5 views

CVE-2023-21104

In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-259938771...

5.5CVSS5.5AI score0.00082EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.5 views

CVE-2023-21097

In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

7.8CVSS6.9AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.4 views

CVE-2023-21089

In startInstrumentation of ActivityManagerService.java, there is a possible way to keep the foreground service alive while the app is in the background. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.7AI score0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.5 views

CVE-2023-21088

In deliverOnFlushComplete of LocationProviderManager.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...

7.8CVSS6.8AI score0.00099EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.6 views

CVE-2023-21095

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

4.7CVSS6.6AI score0.00064EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:8 a.m.5 views

CVE-2023-21082

In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...

5.5CVSS5.5AI score0.00082EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.5 views

CVE-2023-20993

In multiple functions of SnoozeHelper.java, there is a possible failure to persist settings due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS6.8AI score0.00095EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.4 views

CVE-2023-20967

In avdtscbhdlpktnofrag of avdtscbact.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

7.8CVSS6.8AI score0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.5 views

CVE-2023-20963

In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519...

7.8CVSS6.8AI score0.01445EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:7 a.m.4 views

CVE-2023-20950

In AlarmManagerActivity of AlarmManagerActivity.java, there is a possible way to bypass background activity launch restrictions via a pendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.8AI score0.00084EPSS
Exploits0References1
Rows per page
Query Builder