Lucene search
K

411 matches found

CVE
CVE
added 2023/04/19 12:0 a.m.156 views

CVE-2023-20941

CVE-2023-20941 : In the Android kernel, the function acc_ctrlrequest_composite in f_accessory.c has an out-of-bounds write due to a missing bounds check. This could enable elevation of privilege with user interaction required. The impact is reported as a physical escalation of privilege with high...

6.6CVSS6.5AI score0.00189EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2023/04/19 12:0 a.m.17 views

CVE-2023-20941

In accctrlrequestcomposite of faccessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android...

6.6CVSS6.6AI score0.00189EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/03/03 3:55 a.m.1 views

SUSE CVE-2022-20567

In pppol2tpcreate of l2tpppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

6.4CVSS6.9AI score0.0011EPSS
Exploits0References8
NVD
NVD
added 2023/02/28 5:15 p.m.18 views

CVE-2023-20938

In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

8.1CVSS7.7AI score0.00332EPSS
Exploits1References1
OSV
OSV
added 2023/02/28 5:15 p.m.3 views

DEBIAN-CVE-2023-20938

In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.8CVSS6.6AI score0.00332EPSS
Exploits1References1
OSV
OSV
added 2023/02/28 5:15 p.m.1 views

UBUNTU-CVE-2023-20938

In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

8.1CVSS6.8AI score0.00332EPSS
Exploits1References14
Prion
Prion
added 2023/02/28 5:15 p.m.16 views

Memory corruption

In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.3CVSS7.5AI score0.00217EPSS
Exploits4References2
Prion
Prion
added 2023/02/28 5:15 p.m.19 views

Input validation

In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

4.3CVSS7.5AI score0.00332EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2023/02/28 5:15 p.m.75 views

CVE-2023-20938

In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

8.1CVSS7AI score0.00332EPSS
Exploits1References13
OSV
OSV
added 2023/02/28 5:15 p.m.3 views

UBUNTU-CVE-2023-20937

In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.8CVSS5.9AI score0.00217EPSS
Exploits4References11
CVE
CVE
added 2023/02/28 12:0 a.m.187 views

CVE-2023-20937

CVE-2023-20937 concerns memory corruption via a use-after-free in several functions of the Android Linux kernel, enabling local privilege escalation with no user interaction required. The vulnerability is described across multiple sources as affecting the Android kernel and related MM subsystems,...

7.8CVSS7.4AI score0.00217EPSS
Exploits4References2Affected Software1
Debian CVE
Debian CVE
added 2023/02/28 12:0 a.m.45 views

CVE-2023-20938

In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

8.1CVSS6.6AI score0.00332EPSS
Exploits1
Debian CVE
Debian CVE
added 2023/02/28 12:0 a.m.34 views

CVE-2023-20937

In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.8CVSS7.5AI score0.00217EPSS
Exploits4
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.2 views

SUSE CVE-2017-13215

A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel...

5.3CVSS7.8AI score0.00308EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.2 views

SUSE CVE-2017-13220

An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053...

5.3CVSS8.2AI score0.0028EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:40 a.m.2 views

SUSE CVE-2017-13305

A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...

4CVSS6.8AI score0.00318EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.2 views

SUSE CVE-2018-9363

In the hidpprocessreport in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream...

8CVSS7.8AI score0.00435EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.2 views

SUSE CVE-2018-9568

In skclonelock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...

7.4CVSS7AI score0.00715EPSS
Exploits0References24
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.2 views

SUSE CVE-2019-2024

In em28xxunregisterdvb of em28xx-dvb.c, there is a possible use after free issue. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

6.2CVSS8AI score0.00221EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.3 views

SUSE CVE-2020-0110

In psiwrite of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

7.8CVSS6.7AI score0.00182EPSS
Exploits0References5
Rows per page
Query Builder