CVE-2023-21093
- EPSS 0.1%
- Veröffentlicht 19.04.2023 20:15:11
- Zuletzt bearbeitet 05.02.2025 16:15:34
In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges n...
CVE-2023-21094
- EPSS 0.16%
- Veröffentlicht 19.04.2023 20:15:11
- Zuletzt bearbeitet 05.02.2025 16:15:34
In sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. Us...
CVE-2023-21096
- EPSS 0.47%
- Veröffentlicht 19.04.2023 20:15:11
- Zuletzt bearbeitet 05.02.2025 16:15:34
In OnWakelockReleased of attribution_processor.cc, there is a use after free that could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12...
CVE-2023-21097
- EPSS 0.2%
- Veröffentlicht 19.04.2023 20:15:11
- Zuletzt bearbeitet 05.02.2025 16:15:34
In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploi...
CVE-2023-21098
- EPSS 0.1%
- Veröffentlicht 19.04.2023 20:15:11
- Zuletzt bearbeitet 05.02.2025 18:15:27
In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed....
CVE-2023-21099
- EPSS 0.1%
- Veröffentlicht 19.04.2023 20:15:11
- Zuletzt bearbeitet 05.02.2025 17:15:12
In multiple methods of PackageInstallerSession.java, there is a possible way to start foreground services from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges n...
CVE-2021-0872
- EPSS 0.09%
- Veröffentlicht 19.04.2023 20:15:10
- Zuletzt bearbeitet 05.02.2025 21:15:12
In PVRSRVBridgeRGXKickVRDM of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privile...
CVE-2021-0873
- EPSS 0.09%
- Veröffentlicht 19.04.2023 20:15:10
- Zuletzt bearbeitet 05.02.2025 21:15:12
In PVRSRVBridgeRGXKickRS of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privilege...
CVE-2021-0874
- EPSS 0.09%
- Veröffentlicht 19.04.2023 20:15:10
- Zuletzt bearbeitet 05.02.2025 21:15:13
In PVRSRVBridgeDevicememHistorySparseChange of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional ...
CVE-2021-0875
- EPSS 0.09%
- Veröffentlicht 19.04.2023 20:15:10
- Zuletzt bearbeitet 05.02.2025 21:15:13
In PVRSRVBridgeChangeSparseMem of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution pri...