1423 matches found
CVE-2022-32643
In ccd, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07341261.
CVE-2022-39082
In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.
CVE-2022-47323
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-47324
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
CVE-2022-47325
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
CVE-2022-47341
In engineermode services, there is a missing permission check. This could lead to local escalation of privilege with system execution privileges needed.
CVE-2022-47354
In log service, there is a missing permission check. This could lead to local denial of service in log service.
CVE-2022-47369
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-47451
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-48234
In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .
CVE-2022-48241
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
CVE-2022-48243
In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2022-48374
In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2023-20609
In ccu, there is a possible out of bounds read due to a logic error. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07570864; Issue ID: ALPS07570864.
CVE-2023-20648
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628612; Issue ID: ALPS07628612.
CVE-2023-20661
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782.
CVE-2023-20662
In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560765; Issue ID: ALPS07560765.
CVE-2023-20666
In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310651; Issue ID: ALPS07292173.
CVE-2023-20711
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668.
CVE-2023-20725
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 o...
CVE-2023-20727
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588531; Issue ID: ALPS07588531.
CVE-2023-20785
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524.
CVE-2023-20977
In btm_ble_read_remote_features_complete of btm_ble_gap.cc, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitat...
CVE-2023-20986
In btm_ble_clear_resolving_list_completecomplete of btm_ble_privacy.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVers...
CVE-2023-21014
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-25...
CVE-2023-21025
In ufdt_local_fixup_prop of ufdt_overlay.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android I...
CVE-2023-21038
In cs40l2x_cp_trigger_queue_show of cs40l2x.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid I...
CVE-2023-21042
In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239873326References: ...
CVE-2023-21045
When cpif handles probe failures, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323725R...
CVE-2023-21046
In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
CVE-2023-21078
In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254...
CVE-2023-21321
In Package Manager, there is a possible cross-user settings disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21328
In Package Installer, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-30936
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVE-2023-32808
In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849751; ...
CVE-2023-40634
In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
CVE-2023-40640
In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
CVE-2023-40648
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42636
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42640
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-42649
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
CVE-2023-44123
The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth ("com.lge.bluetoothsetting") app. The attacker's app, if it had access to app notifications, could interc...
CVE-2022-20213
In ApplicationsDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 A...
CVE-2022-32647
In ccu, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554646; Issue ID: ALPS07554646.
CVE-2022-39116
In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-44419
In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges.
CVE-2022-44447
In wlan driver, there is a possible null pointer dereference issue due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-47333
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
CVE-2022-47365
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-47368
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.