Lucene search
K

2494 matches found

Cvelist
Cvelist
added 2023/06/15 12:0 a.m.20 views

CVE-2023-21142

In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

5.4AI score0.00083EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.28 views

CVE-2023-21131

In checkKeyIntentParceledCorrectly of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution...

8AI score0.0009EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.28 views

CVE-2023-21136

In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.6AI score0.00107EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.27 views

CVE-2023-21144

In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.6AI score0.00741EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/15 12:0 a.m.15 views

CVE-2023-21115

In btmsecencryptchange of btmsec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

6.9AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.22 views

CVE-2023-21141

In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.4AI score0.00083EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.13 views

CVE-2023-21121

In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting a previously connected VPN due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.9AI score0.00083EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/15 12:0 a.m.8 views

CVE-2023-21128

In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

6.7AI score0.0009EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.20 views

CVE-2023-21138

In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for...

7.9AI score0.00083EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.17 views

CVE-2023-21128

In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.9AI score0.0009EPSS
Exploits0References1
CVE
CVE
added 2023/06/15 12:0 a.m.139 views

CVE-2023-21137

CVE-2023-21137 affects Android platforms (Android 11, 12, 12L, 13). Root cause: uncaught exceptions in JobStore.java during job map parsing, leading to a local persistent denial of service. Impact is DoS without requiring user interaction or elevated privileges; exploitation is local. Public refe...

5.5CVSS5.3AI score0.00118EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.16 views

CVE-2023-21135

In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.9AI score0.00093EPSS
Exploits0References1
CVE
CVE
added 2023/06/15 12:0 a.m.156 views

CVE-2023-21124

CVE-2023-21124 affects the Android System component. It describes an elevation of privilege via unsafe deserialization in the execution of multiple files, with local exploitability and no user interaction. The vulnerability is listed for Android 11–Android 13 (AOSP updated versions 11, 12, 12L, 1...

7.8CVSS7.7AI score0.00105EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/15 12:0 a.m.10 views

CVE-2023-21124

In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

6.7AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.15 views

CVE-2023-21124

In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

8AI score0.00105EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/15 12:0 a.m.16 views

CVE-2023-21143

In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

6.3AI score0.00085EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.18 views

CVE-2023-21143

In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.6AI score0.00085EPSS
Exploits0References1
NVD
NVD
added 2023/05/15 10:15 p.m.30 views

CVE-2023-21116

In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

6.7CVSS6.6AI score0.00091EPSS
Exploits0References1
NVD
NVD
added 2023/05/15 10:15 p.m.22 views

CVE-2023-21118

In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12...

6.2CVSS5.2AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2023/05/15 10:15 p.m.20 views

CVE-2023-20914

In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is not...

5.5CVSS5AI score0.0006EPSS
Exploits0References1
Rows per page
Query Builder