Skip to main content

Android

7243 CVEs product

Monthly

CVE-2023-20935 MEDIUM This Month

In deserialize of multiple files, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-20909 MEDIUM This Month

In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Google Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-20688 MEDIUM This Month

In power, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20687 MEDIUM This Month

In display drm, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20686 MEDIUM This Month

In display drm, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20685 MEDIUM This Month

In vdec, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20684 MEDIUM This Month

In vdec, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-20682 MEDIUM This Month

In wlan, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Android Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20681 MEDIUM This Month

In adsp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20680 MEDIUM This Month

In adsp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20679 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Android Yocto +1
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20677 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Yocto Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20676 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Yocto Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20675 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Yocto Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20674 MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Yocto Linux Kernel
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20670 MEDIUM This Month

In audio, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20666 MEDIUM This Month

In display drm, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20665 MEDIUM This Month

In ril, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20664 MEDIUM This Month

In gz, there is a possible double free due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Privilege Escalation Denial Of Service Memory Corruption Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20663 MEDIUM This Month

In wlan, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Android Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20662 MEDIUM This Month

In wlan, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Android Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20661 MEDIUM This Month

In wlan, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Android Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20660 MEDIUM This Month

In wlan, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Information Disclosure Android Yocto +1
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-20659 MEDIUM This Month

In wlan, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20658 MEDIUM This Month

In isp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20657 MEDIUM This Month

In mtee, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20656 MEDIUM This Month

In geniezone, there is a possible out of bounds write due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20655 HIGH This Week

In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-20654 MEDIUM This Month

In keyinstall, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20653 MEDIUM This Month

In keyinstall, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20652 MEDIUM This Month

In keyinstall, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21079 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21078 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21077 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21076 MEDIUM This Month

In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21075 MEDIUM This Month

In get_svc_hash of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21073 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21072 MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21071 MEDIUM This Month

In dhd_prot_ioctcmplt_process of dhd_msgbuf.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21070 MEDIUM This Month

In add_roam_cache_list of wl_roam.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21069 MEDIUM This Month

In wl_update_hidden_ap_ie of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21068 HIGH This Week

In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21067 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-254114726References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-21065 MEDIUM This Month

In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21064 MEDIUM This Month

In DoSetPinControl of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21063 MEDIUM This Month

In ParseWithAuthType of simdata.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21062 MEDIUM This Month

In DoSetTempEcc of imsservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21061 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-229255400References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-21060 HIGH This Week

In sms_GetTpPiIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21059 HIGH This Week

In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21058 CRITICAL Act Now

In lcsm_SendRrAcquiAssist of lcsm_bcm_assist.c, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Google Android
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-21057 CRITICAL Act Now

In ProfSixDecomTcpSACKoption of RohcPacketCommon, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Google Android
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-21056 MEDIUM This Month

In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type confusion. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21055 MEDIUM This Month

In dit_hal_ioctl of dit.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Denial Of Service Google Use After Free Privilege Escalation Memory Corruption +1
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2023-21054 HIGH This Week

In EUTRAN_LCS_ConvertLCS_MOLRReq of LPP_CommonUtil.c, there is a possible out of bounds write due to a logic error in the code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Google Android
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-21053 HIGH This Week

In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21052 MEDIUM This Month

In setToExternal of ril_external_client.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21051 MEDIUM This Month

In dwc3_exynos_clk_get of dwc3-exynos.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation Samsung Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21050 MEDIUM This Month

In load_png_image of ExynosHWCHelper.cpp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21049 MEDIUM This Month

In append_camera_metadata of camera_metadata.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21048 MEDIUM This Month

In handleEvent of nan.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21047 MEDIUM This Month

In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21046 MEDIUM This Month

In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21045 MEDIUM This Month

When cpif handles probe failures, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Google Use After Free Memory Corruption +2
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21044 MEDIUM This Month

In init of VendorGraphicBufferMeta, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21043 MEDIUM This Month

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Use After Free Privilege Escalation Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21042 MEDIUM This Month

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Use After Free Privilege Escalation Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21041 HIGH This Week

In append_to_params of param_util.c, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21040 HIGH This Week

In buildCommand of bluetooth_ccc.cc, there is a possible out of bounds write due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21039 MEDIUM This Month

In dumpstateBoard of Dumpstate.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21038 MEDIUM This Month

In cs40l2x_cp_trigger_queue_show of cs40l2x.c, there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Google Use After Free Privilege Escalation +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21036 MEDIUM This Month

In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-21035 HIGH PATCH This Week

In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Privilege Escalation Google Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21034 HIGH PATCH This Week

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Privilege Escalation Google Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21033 MEDIUM PATCH This Month

In addNetwork of WifiManager.java, there is a possible way to trigger a persistent DoS due to resource exhaustion. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21032 MEDIUM PATCH This Month

In _ufdt_output_node_to_fdt of ufdt_convert.c, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21031 MEDIUM This Month

In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
4.7
EPSS
0.1%
CVE-2023-21030 HIGH PATCH This Week

In Confirmation of keystore_cli_v2.cpp, there is a possible way to corrupt memory due to a double free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21029 MEDIUM PATCH This Month

In register of UidObserverController.java, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Information Disclosure Google Authentication Bypass Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21028 HIGH PATCH This Week

In parse_printerAttributes of ipphelper.c, there is a possible out of bounds read due to a string without a null-terminator. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-21027 HIGH This Week

In multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Authentication Bypass Android
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-21026 MEDIUM PATCH This Month

In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable region beyond its own SurfaceControl due to a logic error in the code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21025 MEDIUM PATCH This Month

In ufdt_local_fixup_prop of ufdt_overlay.c, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-21024 HIGH PATCH This Week

In maybeFinish of FallbackHome.java, there is a possible delay of lockdown screen due to logic error. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21022 HIGH PATCH This Week

In BufferBlock of Suballocation.cpp, there is a possible out of bounds write due to memory corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21021 HIGH PATCH This Week

In isTargetSdkLessThanQOrPrivileged of WifiServiceImpl.java, there is a possible way for the guest user to change admin user network settings due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Privilege Escalation Google Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21020 MEDIUM PATCH This Month

In registerSignalHandlers of main.c, there is a possible local arbitrary code execution due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Google Use After Free Privilege Escalation RCE +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21019 MEDIUM PATCH This Month

In ih264e_init_proc_ctxt of ih264e_process.c, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2023-21018 MEDIUM PATCH This Month

In UnwindingWorker of unwinding.cc, there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Google Use After Free Privilege Escalation +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-21017 HIGH PATCH This Week

In InstallStart of InstallStart.java, there is a possible way to change the installer package name due to an improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Google Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
EPSS 0% CVSS 5.5
MEDIUM This Month

In deserialize of multiple files, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Google +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In power, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In display drm, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Android
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In display drm, there is a possible double free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Privilege Escalation Android
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In vdec, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation +1
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In vdec, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Race Condition Denial Of Service Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In adsp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In adsp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Android
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure +3
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In wlan, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In audio, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In display drm, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In ril, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gz, there is a possible double free due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Privilege Escalation Denial Of Service +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation +3
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In wlan, there is a possible out of bounds read due to an integer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Information Disclosure +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In isp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In mtee, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In geniezone, there is a possible out of bounds write due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Android
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In keyinstall, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In keyinstall, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In keyinstall, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In createTransmitFollowupRequest of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In get_svc_hash of nan.cpp, there is a possible out of bounds write due to a heap buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bounds write due to a buffer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In dhd_prot_ioctcmplt_process of dhd_msgbuf.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In add_roam_cache_list of wl_roam.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wl_update_hidden_ap_ie of wl_cfgscan.c, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Google Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-254114726References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In DoSetPinControl of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ParseWithAuthType of simdata.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In DoSetTempEcc of imsservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-229255400References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

In sms_GetTpPiIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

In lcsm_SendRrAcquiAssist of lcsm_bcm_assist.c, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

In ProfSixDecomTcpSACKoption of RohcPacketCommon, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memory corruption due to type confusion. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

In dit_hal_ioctl of dit.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Denial Of Service Google Use After Free +3
NVD
EPSS 1% CVSS 7.2
HIGH This Week

In EUTRAN_LCS_ConvertLCS_MOLRReq of LPP_CommonUtil.c, there is a possible out of bounds write due to a logic error in the code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In setToExternal of ril_external_client.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In dwc3_exynos_clk_get of dwc3-exynos.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In load_png_image of ExynosHWCHelper.cpp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In append_camera_metadata of camera_metadata.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In handleEvent of nan.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Information Disclosure +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

When cpif handles probe failures, there is a possible out of bounds read due to a use after free. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Google +4
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In init of VendorGraphicBufferMeta, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Use After Free +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In (TBD) of (TBD), there is a possible way to corrupt memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Google Use After Free +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In append_to_params of param_util.c, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In buildCommand of bluetooth_ccc.cc, there is a possible out of bounds write due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In dumpstateBoard of Dumpstate.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In cs40l2x_cp_trigger_queue_show of cs40l2x.c, there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Google +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code.Product: AndroidVersions: Android kernelAndroid ID: A-264261868References: N/A. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Privilege Escalation Google Authentication Bypass +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Privilege Escalation Google Authentication Bypass +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In addNetwork of WifiManager.java, there is a possible way to trigger a persistent DoS due to resource exhaustion. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Google Android
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

In _ufdt_output_node_to_fdt of ufdt_convert.c, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In Confirmation of keystore_cli_v2.cpp, there is a possible way to corrupt memory due to a double free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Google Android
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In register of UidObserverController.java, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Information Disclosure Google Authentication Bypass +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

In parse_printerAttributes of ipphelper.c, there is a possible out of bounds read due to a string without a null-terminator. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

In multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Authentication Bypass +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable region beyond its own SurfaceControl due to a logic error in the code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Google Android
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

In ufdt_local_fixup_prop of ufdt_overlay.c, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In maybeFinish of FallbackHome.java, there is a possible delay of lockdown screen due to logic error. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Google Android
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In BufferBlock of Suballocation.cpp, there is a possible out of bounds write due to memory corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In isTargetSdkLessThanQOrPrivileged of WifiServiceImpl.java, there is a possible way for the guest user to change admin user network settings due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Privilege Escalation Google Authentication Bypass +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In registerSignalHandlers of main.c, there is a possible local arbitrary code execution due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Google Use After Free +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In ih264e_init_proc_ctxt of ih264e_process.c, there is a possible out of bounds read due to a heap buffer overflow. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Google +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In UnwindingWorker of unwinding.cc, there is a possible out of bounds write due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Google +4
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In InstallStart of InstallStart.java, there is a possible way to change the installer package name due to an improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Google Android
NVD
Prev Page 28 of 81 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy