CVE-2023-20726
- EPSS 0.08%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 15:15:09
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS077359...
CVE-2023-20914
- EPSS 0.06%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 18:15:29
In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. This could lead to local information disclosure with User executi...
CVE-2023-20930
- EPSS 0.09%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 18:15:29
In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not ...
CVE-2023-21102
- EPSS 0.19%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 18:15:30
In __efi_rt_asm_wrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ...
CVE-2023-21103
- EPSS 0.1%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 18:15:30
In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21104
- EPSS 0.08%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 18:15:30
In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-1...
CVE-2023-21106
- EPSS 0.11%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 18:15:30
In adreno_set_param of adreno_gpu.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2023-21107
- EPSS 0.09%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 18:15:30
In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exp...
CVE-2023-21109
- EPSS 0.13%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 18:15:30
In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n...
CVE-2023-21110
- EPSS 0.09%
- Veröffentlicht 15.05.2023 22:15:11
- Zuletzt bearbeitet 24.01.2025 18:15:31
In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not need...