CVE-2023-21026
- EPSS 0.09%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 25.02.2025 16:15:36
In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable region beyond its own SurfaceControl due to a logic error in the code. This could lead to local denial of service with no additional execution privileges n...
CVE-2023-21027
- EPSS 0.48%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 25.02.2025 16:15:36
In multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction i...
CVE-2023-21028
- EPSS 0.44%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 25.02.2025 15:15:13
In parse_printerAttributes of ipphelper.c, there is a possible out of bounds read due to a string without a null-terminator. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not need...
CVE-2023-21029
- EPSS 0.09%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 25.02.2025 15:15:13
In register of UidObserverController.java, there is a missing permission check. This could lead to local information disclosure of app usage with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio...
CVE-2023-21030
- EPSS 0.1%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 25.02.2025 15:15:13
In Confirmation of keystore_cli_v2.cpp, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interaction is no...
CVE-2023-21031
- EPSS 0.08%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 25.02.2025 15:15:13
In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr...
CVE-2023-21032
- EPSS 0.1%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 25.02.2025 15:15:14
In _ufdt_output_node_to_fdt of ufdt_convert.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitat...
CVE-2023-21033
- EPSS 0.09%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 25.02.2025 15:15:14
In addNetwork of WifiManager.java, there is a possible way to trigger a persistent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitat...
CVE-2023-21034
- EPSS 0.11%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 26.02.2025 21:15:14
In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exp...
CVE-2023-21035
- EPSS 0.11%
- Veröffentlicht 24.03.2023 20:15:13
- Zuletzt bearbeitet 25.02.2025 15:15:14
In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. This could lead to local escalation of privilege with no addit...