Filtered by vendor Google
Subscribe
Total
11915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20740 | 3 Google, Linuxfoundation, Mediatek | 39 Android, Iot-yocto, Yocto and 36 more | 2023-06-09 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559840. | |||||
| CVE-2023-20742 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2023-06-09 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540. | |||||
| CVE-2023-20752 | 2 Google, Mediatek | 8 Android, Mt8167, Mt8167s and 5 more | 2023-06-09 | N/A | 6.7 MEDIUM |
| In keymange, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826586; Issue ID: ALPS07826586. | |||||
| CVE-2023-20745 | 3 Google, Linuxfoundation, Mediatek | 14 Android, Iot-yocto, Yocto and 11 more | 2023-06-09 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07560694. | |||||
| CVE-2023-20739 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2023-06-09 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559819. | |||||
| CVE-2023-20750 | 2 Google, Mediatek | 23 Android, Mt6835, Mt6886 and 20 more | 2023-06-09 | N/A | 4.1 MEDIUM |
| In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780928. | |||||
| CVE-2023-20747 | 3 Google, Linuxfoundation, Mediatek | 48 Android, Iot-yocto, Yocto and 45 more | 2023-06-09 | N/A | 4.4 MEDIUM |
| In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121. | |||||
| CVE-2023-20734 | 3 Google, Linuxfoundation, Mediatek | 41 Android, Iot-yocto, Yocto and 38 more | 2023-06-09 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184. | |||||
| CVE-2023-20737 | 3 Google, Linuxfoundation, Mediatek | 23 Android, Iot-yocto, Yocto and 20 more | 2023-06-09 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645167. | |||||
| CVE-2023-20725 | 4 Google, Mediatek, Openwrt and 1 more | 41 Android, Mt6580, Mt6739 and 38 more | 2023-06-09 | N/A | 6.7 MEDIUM |
| In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only). | |||||
| CVE-2023-20724 | 2 Google, Mediatek | 4 Android, Mt8167, Mt8175 and 1 more | 2023-06-09 | N/A | 6.7 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843841. | |||||
| CVE-2023-20723 | 2 Google, Mediatek | 4 Android, Mt8167, Mt8175 and 1 more | 2023-06-09 | N/A | 6.7 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843845. | |||||
| CVE-2016-10200 | 2 Google, Linux | 2 Android, Linux Kernel | 2023-06-07 | 6.9 MEDIUM | 7.0 HIGH |
| Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c. | |||||
| CVE-2023-33741 | 2 Google, Macro-video | 2 Android, V380 Pro | 2023-06-06 | N/A | 7.5 HIGH |
| Macrovideo v380pro v1.4.97 shares the device id and password when sharing the device. | |||||
| CVE-2023-33740 | 2 Google, Luowice | 2 Android, Luowice | 2023-06-06 | N/A | 7.5 HIGH |
| Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message. | |||||
| CVE-2015-6647 | 1 Google | 1 Android | 2023-05-30 | 9.3 HIGH | 7.8 HIGH |
| The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554. | |||||
| CVE-2015-6639 | 1 Google | 1 Android | 2023-05-30 | 9.3 HIGH | 7.8 HIGH |
| The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875. | |||||
| CVE-2021-0877 | 1 Google | 1 Android | 2023-05-24 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android SoCAndroid ID: A-273754094 | |||||
| CVE-2023-20673 | 2 Google, Mediatek | 43 Android, Iot Yocto, Mt5696 and 40 more | 2023-05-24 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103. | |||||
| CVE-2023-20694 | 3 Google, Mediatek, Openwrt | 43 Android, Mt6580, Mt6739 and 40 more | 2023-05-24 | N/A | 6.7 MEDIUM |
| In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only). | |||||