Filtered by vendor Google
Subscribe
Total
11915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20944 | 1 Google | 1 Android | 2023-03-06 | N/A | 7.8 HIGH |
| In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-244154558 | |||||
| CVE-2023-20948 | 1 Google | 1 Android | 2023-03-06 | N/A | 7.5 HIGH |
| In dropFramesUntilIframe of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-230630526 | |||||
| CVE-2023-20937 | 1 Google | 1 Android | 2023-03-06 | N/A | 7.8 HIGH |
| In several functions of the Android Linux kernel, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257443051References: Upstream kernel | |||||
| CVE-2023-20938 | 1 Google | 1 Android | 2023-03-06 | N/A | 7.8 HIGH |
| In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel | |||||
| CVE-2023-20945 | 1 Google | 1 Android | 2023-03-06 | N/A | 7.8 HIGH |
| In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-246932269 | |||||
| CVE-2023-20946 | 1 Google | 1 Android | 2023-03-06 | N/A | 9.8 CRITICAL |
| In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-244423101 | |||||
| CVE-2020-0202 | 1 Google | 1 Android | 2023-03-03 | 6.8 MEDIUM | 7.8 HIGH |
| In onHandleIntent of TraceService.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11 Android ID: A-142936525 | |||||
| CVE-2020-0215 | 1 Google | 1 Android | 2023-03-03 | 4.4 MEDIUM | 7.8 HIGH |
| In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass. This could lead to local escalation of privilege that exposes a pairing Bluetooth MAC address with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1 Android ID: A-140417248 | |||||
| CVE-2020-0213 | 1 Google | 1 Android | 2023-03-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In hevcd_fmt_conv_420sp_to_420sp_av8 of ihevcd_fmt_conv_420sp_to_420sp.s, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10 Android-11 Android ID: A-143464314 | |||||
| CVE-2022-20078 | 2 Google, Mediatek | 13 Android, Mt6833, Mt6853 and 10 more | 2023-03-02 | 6.9 MEDIUM | 6.4 MEDIUM |
| In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05852819; Issue ID: ALPS05852819. | |||||
| CVE-2019-2054 | 2 Canonical, Google | 2 Ubuntu Linux, Android | 2023-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-119769499 | |||||
| CVE-2021-26277 | 2 Google, Vivo | 2 Android, Frame Service | 2023-02-28 | N/A | 9.8 CRITICAL |
| The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions. | |||||
| CVE-2020-0404 | 2 Google, Oracle | 4 Android, Communications Cloud Native Core Binding Support Function, Communications Cloud Native Core Network Exposure Function and 1 more | 2023-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel | |||||
| CVE-2018-9568 | 4 Canonical, Google, Linux and 1 more | 9 Ubuntu Linux, Android, Linux Kernel and 6 more | 2023-02-24 | 7.2 HIGH | 7.8 HIGH |
| In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. | |||||
| CVE-2023-20949 | 1 Google | 1 Android | 2023-02-23 | N/A | 5.5 MEDIUM |
| In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323133References: N/A | |||||
| CVE-2023-20927 | 1 Google | 1 Android | 2023-02-23 | N/A | 7.8 HIGH |
| In permissions of AndroidManifest.xml, there is a possible way to grant signature permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244216503 | |||||
| CVE-2022-20144 | 1 Google | 1 Android | 2023-02-23 | 7.2 HIGH | 7.8 HIGH |
| In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-250637906 | |||||
| CVE-2022-20369 | 2 Debian, Google | 2 Debian Linux, Android | 2023-02-23 | N/A | 6.7 MEDIUM |
| In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel | |||||
| CVE-2022-42783 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-22 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-47451 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-22 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||||