Skip to main content
CVE-2023-20953 HIGH PATCH This Week

In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to bypass factory reset protection due to incorrect UI being shown prior to setup completion. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-20947 HIGH PATCH This Week

In getGroupState of GrantPermissionsViewModel.kt, there is a possible way to keep a one-time permission granted due to a permissions bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-20936 HIGH PATCH This Week

In bta_av_rc_disc_done of bta_av_act.cc, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-20931 HIGH PATCH This Week

In avdt_scb_hdl_write_req of avdt_scb_act.cc, there is a possible out of bounds write due to a heap buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-20917 HIGH PATCH This Week

In onTargetSelected of ResolverActivity.java, there is a possible way to share a wrong file due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-20911 HIGH PATCH This Week

In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Java Privilege Escalation Denial Of Service Google Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-20906 HIGH This Week

In onPackageAddedInternal of PermissionManagerService.java, there is a possible way to silently grant a permission after a Target SDK update due to a permissions bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-27055 HIGH This Week

Aver Information Inc PTZApp2 v20.01044.48 allows attackers to access sensitive files via a crafted GET request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Ptzapp 2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-28448 HIGH PATCH This Week

Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Deserialization Versionize
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-28444 HIGH PATCH This Week

angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Docker Angular Server Side Configuration
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-21067 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-254114726References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-21061 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-229255400References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-21060 HIGH This Week

In sms_GetTpPiIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21059 HIGH This Week

In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21053 HIGH This Week

In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21028 HIGH PATCH This Week

In parse_printerAttributes of ipphelper.c, there is a possible out of bounds read due to a string without a null-terminator. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21027 HIGH This Week

In multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Authentication Bypass Android
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-28441 HIGH This Week

smartCARS 3 is flight tracking software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Smartcars 3
NVD GitHub
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-22812 HIGH This Week

SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 and TLS 1.1 protocols which are susceptible to man-in-the-middle attacks thereby compromising confidentiality and integrity of. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Sandisk Privateaccess
NVD
CVSS 3.1
7.4
EPSS
0.3%
CVE-2023-20976 HIGH This Week

In getConfirmationMessage of DefaultAutofillPicker.java, there is a possible way to mislead the user to select default autofill application due to improper input validation. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Google Android
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2023-1176 LOW POC PATCH Monitor

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Path Traversal Mlflow
NVD GitHub
CVSS 3.1
3.3
EPSS
0.6%
CVE-2023-21054 HIGH This Week

In EUTRAN_LCS_ConvertLCS_MOLRReq of LPP_CommonUtil.c, there is a possible out of bounds write due to a logic error in the code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Google Android
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-28686 HIGH PATCH This Week

Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Dino Fedora Debian Linux
NVD
CVSS 3.1
7.1
EPSS
0.7%
CVE-2023-20926 MEDIUM PATCH This Month

In onParentVisible of HeaderPrivacyIconsController.kt, there is a possible way to bypass factory reset protections due to a missing permission check. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Privilege Escalation Google Authentication Bypass Android
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2023-21079 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21078 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21077 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21076 MEDIUM This Month

In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21075 MEDIUM This Month

In get_svc_hash of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21073 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21072 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21071 MEDIUM This Month

In dhd_prot_ioctcmplt_process of dhd_msgbuf.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21070 MEDIUM This Month

In add_roam_cache_list of wl_roam.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21069 MEDIUM This Month

In wl_update_hidden_ap_ie of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21065 MEDIUM This Month

In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21064 MEDIUM This Month

In DoSetPinControl of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21063 MEDIUM This Month

In ParseWithAuthType of simdata.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21062 MEDIUM This Month

In DoSetTempEcc of imsservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21056 MEDIUM This Month

In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type confusion. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21052 MEDIUM This Month

In setToExternal of ril_external_client.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21051 MEDIUM This Month

In dwc3_exynos_clk_get of dwc3-exynos.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation Samsung Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21050 MEDIUM This Month

In load_png_image of ExynosHWCHelper.cpp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21043 MEDIUM This Month

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Use After Free Privilege Escalation Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21042 MEDIUM This Month

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Use After Free Privilege Escalation Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21038 MEDIUM This Month

In cs40l2x_cp_trigger_queue_show of cs40l2x.c, there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Google Use After Free Privilege Escalation +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21020 MEDIUM PATCH This Month

In registerSignalHandlers of main.c, there is a possible local arbitrary code execution due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Google Use After Free Privilege Escalation RCE +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21018 MEDIUM PATCH This Month

In UnwindingWorker of unwinding.cc, there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Google Use After Free Privilege Escalation +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20994 MEDIUM PATCH This Month

In _ufdt_output_property_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21055 MEDIUM This Month

In dit_hal_ioctl of dit.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Denial Of Service Google Use After Free Privilege Escalation Memory Corruption +1
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-1583 MEDIUM PATCH This Month

A NULL pointer dereference was found in io_file_bitmap_get in io_uring/filetable.c in the io_uring sub-component in the Linux Kernel. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Null Pointer Dereference Linux Linux Kernel
NVD
CVSS 3.1
5.5
EPSS
0.2%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy