CVE-2023-35680
- EPSS 0.11%
- Veröffentlicht 11.09.2023 21:15:42
- Zuletzt bearbeitet 21.11.2024 08:08:29
In multiple locations, there is a possible way to import contacts belonging to other users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ex...
CVE-2023-35681
- EPSS 0.54%
- Veröffentlicht 11.09.2023 21:15:42
- Zuletzt bearbeitet 21.11.2024 08:08:29
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitat...
CVE-2023-35682
- EPSS 0.1%
- Veröffentlicht 11.09.2023 21:15:42
- Zuletzt bearbeitet 05.05.2025 16:15:41
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio...
CVE-2023-35683
- EPSS 0.17%
- Veröffentlicht 11.09.2023 21:15:42
- Zuletzt bearbeitet 21.11.2024 08:08:30
In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not need...
CVE-2023-35684
- EPSS 0.15%
- Veröffentlicht 11.09.2023 21:15:42
- Zuletzt bearbeitet 21.11.2024 08:08:30
In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploita...
CVE-2023-35687
- EPSS 0.15%
- Veröffentlicht 11.09.2023 21:15:42
- Zuletzt bearbeitet 21.11.2024 08:08:30
In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-35658
- EPSS 0.2%
- Veröffentlicht 11.09.2023 21:15:41
- Zuletzt bearbeitet 21.11.2024 08:08:27
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not neede...
CVE-2023-35664
- EPSS 0.08%
- Veröffentlicht 11.09.2023 21:15:41
- Zuletzt bearbeitet 21.11.2024 08:08:27
In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for e...
CVE-2023-35665
- EPSS 0.1%
- Veröffentlicht 11.09.2023 21:15:41
- Zuletzt bearbeitet 21.11.2024 08:08:28
In multiple files, there is a possible way to import a contact from another user due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for ex...
CVE-2023-35666
- EPSS 0.09%
- Veröffentlicht 11.09.2023 21:15:41
- Zuletzt bearbeitet 21.11.2024 08:08:28
In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.