Total
7791 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-35679 | 1 Google | 1 Android | 2023-09-13 | N/A | 5.5 MEDIUM |
| In MtpPropertyValue of MtpProperty.h, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2023-35680 | 1 Google | 1 Android | 2023-09-13 | N/A | 5.5 MEDIUM |
| In multiple locations, there is a possible way to import contacts belonging to other users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-35681 | 1 Google | 1 Android | 2023-09-13 | N/A | 9.8 CRITICAL |
| In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-35682 | 1 Google | 1 Android | 2023-09-13 | N/A | 7.8 HIGH |
| In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2023-40040 | 2 Google, Mycrops | 2 Android, Higrade | 2023-09-13 | N/A | 5.3 MEDIUM |
| An issue was discovered in the MyCrops HiGrade "THC Testing & Cannabi" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack runtime permission checks, and of those only Android SDK 5.1.1 API 22 is consistent with the manifest. Thus, this applies only to Android Lollipop, affecting less than five percent of Android devices as of 2023. | |||||
| CVE-2023-35665 | 1 Google | 1 Android | 2023-09-13 | N/A | 7.8 HIGH |
| In multiple files, there is a possible way to import a contact from another user due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2022-48452 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-09-08 | N/A | 4.4 MEDIUM |
| In Ifaa service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2022-48453 | 2 Google, Unisoc | 2 Android, Sc7731e | 2023-09-08 | N/A | 4.4 MEDIUM |
| In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-33914 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2023-09-08 | N/A | 7.5 HIGH |
| In NIA0 algorithm in Security Mode Command, there is a possible missing verification incorrect input. This could lead to remote information disclosure no additional execution privileges needed | |||||
| CVE-2023-33915 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2023-09-08 | N/A | 7.5 HIGH |
| In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed | |||||
| CVE-2022-47353 | 2 Google, Unisoc | 7 Android, S8000, T610 and 4 more | 2023-09-08 | N/A | 4.4 MEDIUM |
| In vdsp device, there is a possible system crash due to improper input validation.This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-38554 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-09-08 | N/A | 5.5 MEDIUM |
| In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges | |||||
| CVE-2023-38553 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-09-08 | N/A | 6.7 MEDIUM |
| In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed | |||||
| CVE-2023-38468 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-09-08 | N/A | 4.4 MEDIUM |
| In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-38467 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-09-08 | N/A | 4.4 MEDIUM |
| In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-38466 | 2 Google, Unisoc | 13 Android, S8000, Sc9832e and 10 more | 2023-09-08 | N/A | 5.5 MEDIUM |
| In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | |||||
| CVE-2023-38465 | 2 Google, Unisoc | 13 Android, S8000, Sc9832e and 10 more | 2023-09-08 | N/A | 5.5 MEDIUM |
| In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | |||||
| CVE-2023-38444 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2023-09-08 | N/A | 7.8 HIGH |
| In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges | |||||
| CVE-2023-38445 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2023-09-08 | N/A | 5.5 MEDIUM |
| In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges | |||||
| CVE-2023-38447 | 2 Google, Unisoc | 9 Android, Sc7731e, Sc9832e and 6 more | 2023-09-08 | N/A | 5.5 MEDIUM |
| In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges | |||||