Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-40639

  • EPSS 0.02%
  • Veröffentlicht 08.10.2023 04:15:56
  • Zuletzt bearbeitet 21.11.2024 08:19:52

In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

5.5

CVE-2023-40640

  • EPSS 0.02%
  • Veröffentlicht 08.10.2023 04:15:56
  • Zuletzt bearbeitet 21.11.2024 08:19:52

In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

4.4

CVE-2023-40631

  • EPSS 0.01%
  • Veröffentlicht 08.10.2023 04:15:55
  • Zuletzt bearbeitet 21.11.2024 08:19:51

In Dialer, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed

6.7

CVE-2023-21244

  • EPSS 0.01%
  • Veröffentlicht 06.10.2023 19:15:12
  • Zuletzt bearbeitet 01.05.2025 20:15:35

In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exp...

5.5

CVE-2023-21252

  • EPSS 0.04%
  • Veröffentlicht 06.10.2023 19:15:12
  • Zuletzt bearbeitet 21.11.2024 07:42:29

In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interactio...

5.5

CVE-2023-21253

  • EPSS 0.06%
  • Veröffentlicht 06.10.2023 19:15:12
  • Zuletzt bearbeitet 21.11.2024 07:42:29

In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

7.8

CVE-2023-21266

  • EPSS 0%
  • Veröffentlicht 06.10.2023 19:15:12
  • Zuletzt bearbeitet 05.05.2025 15:15:50

In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interact...

5.5

CVE-2023-21291

  • EPSS 0.02%
  • Veröffentlicht 06.10.2023 19:15:12
  • Zuletzt bearbeitet 21.11.2024 07:42:34

In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not ne...

6.7

CVE-2023-32824

  • EPSS 0.01%
  • Veröffentlicht 02.10.2023 03:15:10
  • Zuletzt bearbeitet 21.11.2024 08:04:06

In rpmb , there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS079129...

6.7

CVE-2023-32826

  • EPSS 0.01%
  • Veröffentlicht 02.10.2023 03:15:10
  • Zuletzt bearbeitet 21.11.2024 08:04:07

In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS...