ASB-A-301094654

In TBD of TBD, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21358

In UWB Google, there is a possible way for a malicious app to masquerade as system app com.android.uwb.resources due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2021-0341

CVE-2021-0341 affects the OkHostnameVerifier.verifyHostName path in Android (OkHostnameVerifier.java). It describes a possible acceptance of a certificate for the wrong domain due to improper crypto usage, leading to remote information disclosure without extra privileges. Affected Android version...

Design/Logic Flaw

Use-after-free vulnerability in the gnutlshandshakehashbuffersclear function in lib/gnutlshandshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via TLS transmission of data that is improperly used when...