Lucene search
K

14 matches found

NVD
NVD
added 2024/04/22 3:15 p.m.17 views

CVE-2023-38301

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and...

3.4CVSS6.4AI score0.00165EPSS
Exploits0References1
NVD
NVD
added 2024/04/22 3:15 p.m.26 views

CVE-2023-38296

Various software builds for the following TCL 30Z and TCL A3X devices leak the ICCID to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device identifiers...

8CVSS6.4AI score0.00266EPSS
Exploits0References1
NVD
NVD
added 2024/04/22 3:15 p.m.28 views

CVE-2023-38294

Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...

6.1CVSS6.9AI score0.00173EPSS
Exploits0References2
NVD
NVD
added 2024/04/22 3:15 p.m.9 views

CVE-2023-38295

Certain software builds for the TCL 30Z and TCL 10 Android devices contain a vulnerable, pre-installed app that relies on a missing permission that provides no protection at runtime. The missing permission is required as an access permission by components in various pre-installed apps. On the TCL...

7.8CVSS6.7AI score0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/22 12:0 a.m.13 views

CVE-2023-38295

Certain software builds for the TCL 30Z and TCL 10 Android devices contain a vulnerable, pre-installed app that relies on a missing permission that provides no protection at runtime. The missing permission is required as an access permission by components in various pre-installed apps. On the TCL...

7.1AI score0.00183EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/22 12:0 a.m.26 views

CVE-2023-38296

Various software builds for the following TCL 30Z and TCL A3X devices leak the ICCID to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device identifiers...

6.6AI score0.00266EPSS
Exploits0References1
CVE
CVE
added 2024/04/22 12:0 a.m.59 views

CVE-2023-38293

CVE-2023-38293 concerns Nokia C200/C100 devices with a pre-installed com.tracfone.tfstatus app. It allows local third-party apps to inject and execute arbitrary AT commands in the radio context by exploiting two input/injection techniques via a broadcast to com.tracfone.tfstatus/.TFStatus, with n...

7.3CVSS7.7AI score0.00785EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/22 12:0 a.m.31 views

CVE-2023-38294

Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...

7.1AI score0.00173EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/22 12:0 a.m.24 views

CVE-2023-38292

Certain software builds for the TCL 20XE Android device contain a vulnerable, pre-installed app with a package name of com.tct.gcs.hiddenmenuproxy versionCode='2', versionName='v11.0.1.0.0201.0' that allows local third-party apps to programmatically perform a factory reset due to inadequate acces...

6.4AI score0.0036EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/22 12:0 a.m.12 views

CVE-2023-38294

Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory versionCode='7', versionName='1.8.02203101027' that allows local third-party apps to execute arbitrary shell commands in its context syst...

7.2AI score0.00173EPSS
Exploits0References2
CVE
CVE
added 2024/04/22 12:0 a.m.52 views

CVE-2023-38298

CVE-2023-38298 affects TCL devices: 30Z, A3X, 20XE, and 10L. A high-privilege process leaks the IMEI to the system property gsm.device.imei0 , which can be read by any local app without permissions. This enables indirect IMEI exposure by non-privileged apps. Affected builds include specific TCL d...

8.8CVSS6.6AI score0.00454EPSS
Exploits0References1
CVE
CVE
added 2024/04/22 12:0 a.m.48 views

CVE-2023-38295

The CVE-2023-38295 entries describe a local privilege escalation in TCL Android devices (TCL 30Z and TCL 10L) caused by a vulnerable pre-installed app (com.tcl.screenrecorder on TCL 30Z and com.tcl.sos on TCL 10L) that lacks a runtime permission. A third-party app can declare and request the miss...

7.8CVSS7AI score0.00183EPSS
Exploits0References1
CVE
CVE
added 2024/04/22 12:0 a.m.58 views

CVE-2023-38290

CVE-2023-38290 affects BLU View 2 and Sharp Rouvo V Android devices due to a vulnerable pre-installed com.evenwell.fqc app. The issue: inadequate access control lets local third-party apps execute arbitrary shell commands in the app’s system context without special permissions, enabling actions s...

7.8CVSS7.3AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2024/04/22 12:0 a.m.53 views

CVE-2023-38292

CVE-2023-38292 affects TCL 20XE devices with vulnerable pre-installed app com.tct.gcs.hiddenmenuproxy (versionCode 2, versionName v11.0.1.0.0201.0). The issue allows local third-party apps to initiate a programmatic factory reset by sending a broadcast to the exported com.tct.gcs.hiddenmenuproxy/...

8.7CVSS6.4AI score0.0036EPSS
Exploits0References1
Rows per page
Query Builder