Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2024-0033

  • EPSS 0.06%
  • Veröffentlicht 16.02.2024 02:15:50
  • Zuletzt bearbeitet 16.12.2024 19:08:08

In multiple functions of ashmem-dev.cpp, there is a possible missing seal due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8

CVE-2024-0034

  • EPSS 0%
  • Veröffentlicht 16.02.2024 02:15:50
  • Zuletzt bearbeitet 19.03.2025 18:15:19

In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

7.8

CVE-2024-0035

  • EPSS 0.03%
  • Veröffentlicht 16.02.2024 02:15:50
  • Zuletzt bearbeitet 16.12.2024 15:59:54

In onNullBinding of TileLifecycleManager.java, there is a possible way to launch an activity from the background due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User intera...

5.5

CVE-2023-40093

  • EPSS 0.05%
  • Veröffentlicht 16.02.2024 02:15:49
  • Zuletzt bearbeitet 03.12.2024 19:15:07

In multiple files, there is a possible way that trimmed content could be included in PDF output due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ...

7.5

CVE-2023-40104

  • EPSS 0.22%
  • Veröffentlicht 15.02.2024 23:15:08
  • Zuletzt bearbeitet 16.12.2024 19:33:26

In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted cryptographic certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for ex...

5.5

CVE-2023-40105

  • EPSS 0.02%
  • Veröffentlicht 15.02.2024 23:15:08
  • Zuletzt bearbeitet 13.12.2024 21:27:40

In backupAgentCreated of ActivityManagerService.java, there is a possible way to leak sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction i...

7.8

CVE-2023-40106

  • EPSS 0%
  • Veröffentlicht 15.02.2024 23:15:08
  • Zuletzt bearbeitet 13.12.2024 21:20:34

In sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...

7.8

CVE-2023-40107

  • EPSS 0.02%
  • Veröffentlicht 15.02.2024 23:15:08
  • Zuletzt bearbeitet 13.12.2024 21:02:17

In ARTPWriter of ARTPWriter.cpp, there is a possible use after free due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8

CVE-2023-40109

  • EPSS 0%
  • Veröffentlicht 15.02.2024 23:15:08
  • Zuletzt bearbeitet 16.12.2024 19:34:04

In createFromParcel of UsbConfiguration.java, there is a possible background activity launch (BAL) due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is neede...

7.8

CVE-2023-40110

  • EPSS 0.03%
  • Veröffentlicht 15.02.2024 23:15:08
  • Zuletzt bearbeitet 19.03.2025 16:15:22

In multiple functions of MtpPacket.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio...