158 matches found
PT-2023-17989 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the on remove iso data path function of btm iso impl.h due to improper input validation. This could lead to local information disclosure with no...
Google Pixel 竞争条件问题漏洞
Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that originates in installKey in KeyUtil.cpp, where file encryption may fail due to a competitive condition, which could lead to local information disclosure...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google, Inc. in the United States. Google Pixel suffers from a security vulnerability that originates in requestAppKeyboardShortcuts in WindowManagerService.java, where a lack of permission checking allows users to interact with the application, which could lead ...
Google Pixel 安全漏洞
Google Pixel is a smartphone from Google, Inc USA. A security vulnerability exists in Google Pixel, which originates in parseSecurityParamsFromXml in XmlUtil.java, where file encryption may fail due to a competitive condition, which could lead to local information disclosure...
Google Pixel 缓冲区错误漏洞
Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from a possible out-of-bounds read in removesdprecord in btifsdpserver.cc due to incorrect bounds checking, which could lead to local information disclosure...
CVE-2023-21142
In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...
CVE-2023-21141
In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
PT-2023-17588 · Wlan · Wlan
Name of the Vulnerable Software and Affected Versions: Wlan affected versions not specified Description: The issue is related to a possible out of bounds read in wlan due to a missing bounds check. This could lead to local information disclosure, requiring System execution privileges for...
MediaTek 芯片缓冲区错误漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking, which could lead to out-of-bounds reads. An attacker could exploit this vulnerability to disclose local information. The...
MediaTek 芯片缓冲区错误漏洞
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a lack of boundary checking, which could lead to out-of-bounds reads. An attacker could exploit this vulnerability to disclose local information. The...
CVE-2023-21009
In multiple locations of p2piface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
CVE-2023-21011
In multiple locations of p2piface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
CVE-2023-20973
In btmcreateconncancelcomplete of btmsec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android I...
PT-2023-17741 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to a possible out of bounds write due to a missing bounds check in the A2DP BuildCodecHeaderSbc function of a2dp sbc.cc. This could lead to local information...
PT-2023-17744 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: The issue is related to a possible out of bounds write in the C2SurfaceSyncObj.cpp import due to a missing bounds check. This could lead to local information disclosure, requiring...
UNISOC Chipsets 安全漏洞
UNISOC Chipsets is a chipset from China's Unisplendour UNISOC. A security vulnerability exists in the UNISOC Chipsets telephony module that stems from a lack of privilege checking. This could lead to the disclosure of local information without the need for additional execute privileges...
CVE-2023-20648
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628612; Issue ID: ALPS07628612...
CVE-2023-20932
In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
SUSE CVE-2017-7495
fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files in opportunistic circumstances by waiting for a hardware reset, creating a new...
SUSE CVE-2021-0170
Exposure of Sensitive Information to an Unauthorized Actor in firmware for some IntelR PROSet/Wireless Wi-Fi in multiple operating systems and some KillerTM Wi-Fi in Windows 10 and 11 may allow an authenticated user to potentially enable information disclosure via local access...