Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2023-21246

  • EPSS 0.02%
  • Veröffentlicht 13.07.2023 00:15:23
  • Zuletzt bearbeitet 21.11.2024 07:42:29

In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User inter...

7.8

CVE-2023-21247

  • EPSS 0%
  • Veröffentlicht 13.07.2023 00:15:23
  • Zuletzt bearbeitet 21.11.2024 07:42:29

In getAvailabilityStatus of BluetoothScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional exe...

7.8

CVE-2023-21248

  • EPSS 0%
  • Veröffentlicht 13.07.2023 00:15:23
  • Zuletzt bearbeitet 21.11.2024 07:42:29

In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional executio...

5.5

CVE-2023-21249

  • EPSS 0%
  • Veröffentlicht 13.07.2023 00:15:23
  • Zuletzt bearbeitet 21.11.2024 07:42:29

In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not...

9.8

CVE-2023-21250

  • EPSS 0.63%
  • Veröffentlicht 13.07.2023 00:15:23
  • Zuletzt bearbeitet 21.11.2024 07:42:29

In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

7.3

CVE-2023-21251

  • EPSS 0%
  • Veröffentlicht 13.07.2023 00:15:23
  • Zuletzt bearbeitet 21.11.2024 07:42:29

In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed...

4.4

CVE-2023-33904

  • EPSS 0.01%
  • Veröffentlicht 12.07.2023 09:15:14
  • Zuletzt bearbeitet 21.11.2024 08:06:10

In hci_server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

4.4

CVE-2023-33905

  • EPSS 0.01%
  • Veröffentlicht 12.07.2023 09:15:14
  • Zuletzt bearbeitet 27.11.2024 16:15:09

In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

5.5

CVE-2023-33889

  • EPSS 0.02%
  • Veröffentlicht 12.07.2023 09:15:13
  • Zuletzt bearbeitet 21.11.2024 08:06:08

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

5.5

CVE-2023-33890

  • EPSS 0.02%
  • Veröffentlicht 12.07.2023 09:15:13
  • Zuletzt bearbeitet 21.11.2024 08:06:08

In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.