CVE-2023-33910
- EPSS 0.08%
- Veröffentlicht 07.08.2023 02:15:10
- Zuletzt bearbeitet 21.11.2024 08:06:11
In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
CVE-2023-33911
- EPSS 0.08%
- Veröffentlicht 07.08.2023 02:15:10
- Zuletzt bearbeitet 21.11.2024 08:06:11
In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
CVE-2023-33912
- EPSS 0.08%
- Veröffentlicht 07.08.2023 02:15:10
- Zuletzt bearbeitet 21.11.2024 08:06:11
In Contacts service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
CVE-2023-33913
- EPSS 0.42%
- Veröffentlicht 07.08.2023 02:15:10
- Zuletzt bearbeitet 21.11.2024 08:06:11
In DRM/oemcrypto, there is a possible out of bounds write due to an incorrect calculation of buffer size.This could lead to remote escalation of privilege with System execution privileges needed
CVE-2022-47350
- EPSS 0.09%
- Veröffentlicht 07.08.2023 02:15:09
- Zuletzt bearbeitet 21.11.2024 07:31:46
In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2023-35692
- EPSS 0.08%
- Veröffentlicht 14.07.2023 16:15:14
- Zuletzt bearbeitet 21.11.2024 08:08:31
In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User ...
CVE-2023-21260
- EPSS 0.07%
- Veröffentlicht 13.07.2023 01:15:08
- Zuletzt bearbeitet 21.11.2024 07:42:30
In notification access permission dialog box, malicious application can embedded a very long service label that overflow the original user prompt and possibly contains mis-leading information to be appeared as a system message for user confirmation. ...
CVE-2023-21254
- EPSS 0.1%
- Veröffentlicht 13.07.2023 00:15:24
- Zuletzt bearbeitet 21.11.2024 07:42:30
In getCurrentState of OneTimePermissionUserManager.java, there is a possible way to hold one-time permissions after the app is being killed due to a logic error in the code. This could lead to local escalation of privilege with no additional executio...
CVE-2023-21255
- EPSS 0.19%
- Veröffentlicht 13.07.2023 00:15:24
- Zuletzt bearbeitet 13.02.2025 17:16:02
In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-21256
- EPSS 0.11%
- Veröffentlicht 13.07.2023 00:15:24
- Zuletzt bearbeitet 21.11.2024 07:42:30
In SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities via Settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...