Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2021-3674 A flaw was found in rizin. The create_section_from_phdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out of bounds reads, which can ... | 7.8 | HIGH | — | 0 |
| CVE-2022-20467 In isBluetoothShareUri of BluetoothOppUtility.java, there is a possible incorrect file read due to a confused deputy. This could lead to local information disclosure with no additional execution privi... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-20499 In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. U... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-20532 In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote escalation of privilege with no additional execution priv... | 9.8 | CRITICAL | — | 0 |
| CVE-2022-20542 In parseParamsBlob of types.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed.... | 7.8 | HIGH | — | 0 |
| CVE-2022-42498 In Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interac... | 9.8 | CRITICAL | — | 0 |
| CVE-2022-42499 In sms_SendMmCpErrMsg of sms_MmConManagement.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges ... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-20906 In onPackageAddedInternal of PermissionManagerService.java, there is a possible way to silently grant a permission after a Target SDK update due to a permissions bypass. This could lead to local escal... | 7.8 | HIGH | — | 0 |
| CVE-2023-20910 In add of WifiNetworkSuggestionsManager.java, there is a possible way to trigger permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privi... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20911 In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. This could lead to local escalation of privilege with no ... | 7.8 | HIGH | — | 0 |
| CVE-2023-20917 In onTargetSelected of ResolverActivity.java, there is a possible way to share a wrong file due to a logic error in the code. This could lead to local escalation of privilege with no additional execut... | 7.8 | HIGH | — | 0 |
| CVE-2023-20926 In onParentVisible of HeaderPrivacyIconsController.kt, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege w... | 6.8 | MEDIUM | — | 0 |
| CVE-2023-20929 In sendHalfSheetCancelBroadcast of HalfSheetActivity.java, there is a possible way to learn nearby BT MAC addresses due to an unrestricted broadcast intent. This could lead to local information disclo... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20931 In avdt_scb_hdl_write_req of avdt_scb_act.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privi... | 7.8 | HIGH | — | 0 |
| CVE-2023-20936 In bta_av_rc_disc_done of bta_av_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges... | 7.8 | HIGH | — | 0 |
| CVE-2023-20947 In getGroupState of GrantPermissionsViewModel.kt, there is a possible way to keep a one-time permission granted due to a permissions bypass. This could lead to local escalation of privilege with no ad... | 7.8 | HIGH | — | 0 |
| CVE-2023-20951 In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges ne... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-20952 In A2DP_BuildCodecHeaderSbc of a2dp_sbc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileg... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20953 In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to bypass factory reset protection due to incorrect UI being shown prior to setup completion. This could lead to local escala... | 7.8 | HIGH | — | 0 |
| CVE-2023-20954 In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. Use... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-20955 In onPrepareOptionsMenu of AppInfoDashboardFragment.java, there is a possible way to bypass admin restrictions and uninstall applications for all users due to a missing permission check. This could le... | 7.8 | HIGH | — | 0 |
| CVE-2023-20956 In Import of C2SurfaceSyncObj.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User ... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-20957 In onAttach of SettingsPreferenceFragment.java, there is a possible bypass of Factory Reset Protections due to a confused deputy. This could lead to local escalation of privilege with no additional ex... | 7.8 | HIGH | — | 0 |
| CVE-2023-20958 In read_paint of ttcolr.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User in... | 7.1 | HIGH | — | 0 |
| CVE-2023-20960 In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities due to improper input validation. This could lead to local escalation of privile... | 8.8 | HIGH | — | 0 |
| CVE-2023-20962 In getSliceEndItem of MediaVolumePreferenceController.java, there is a possible way to start foreground activity from the background due to an unsafe PendingIntent. This could lead to local informatio... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20964 In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a confused deputy. This could lead to local denial of service or escalation of privilege with no additio... | 7.8 | HIGH | — | 0 |
| CVE-2023-20966 In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User in... | 7.8 | HIGH | — | 0 |
| CVE-2023-20968 In multiple functions of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. U... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-20969 In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. U... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-20970 In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. U... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-20971 In removePermission of PermissionManagerServiceImpl.java, there is a possible way to obtain dangerous permissions without user consent due to a logic error in the code. This could lead to local escala... | 7.8 | HIGH | — | 0 |
| CVE-2023-20972 In btm_vendor_specific_evt of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges need... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20973 In btm_create_conn_cancel_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20974 In btm_ble_add_resolving_list_entry_complete of btm_ble_privacy.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System ex... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20975 In getAvailabilityStatus of EnableContentCapturePreferenceController.java, there is a possible way to bypass DISALLOW_CONTENT_CAPTURE due to a permissions bypass. This could lead to local escalation o... | 7.8 | HIGH | — | 0 |
| CVE-2023-20976 In getConfirmationMessage of DefaultAutofillPicker.java, there is a possible way to mislead the user to select default autofill application due to improper input validation. This could lead to local e... | 7.3 | HIGH | — | 0 |
| CVE-2023-20977 In btm_ble_read_remote_features_complete of btm_ble_gap.cc, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if the firmware wer... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-20979 In GetNextSourceDataPacket of bta_av_co.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privilege... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20988 In btm_read_rssi_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execu... | 4.5 | MEDIUM | — | 0 |
| CVE-2023-20989 In btm_ble_write_adv_enable_complete of btm_ble_gap.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution priv... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-20993 In multiple functions of SnoozeHelper.java, there is a possible failure to persist settings due to an uncaught exception. This could lead to local escalation of privilege with no additional execution ... | 7.8 | HIGH | — | 0 |
| CVE-2023-20995 In captureImage of CustomizedSensor.cpp, there is a possible way to bypass the fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional ... | 7.8 | HIGH | — | 0 |
| CVE-2023-20996 In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. U... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20997 In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. U... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20998 In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. U... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-20999 In multiple locations, there is a possible way to trigger a persistent reboot loop due to improper input validation. This could lead to local denial of service with User execution privileges needed. U... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-21000 In MediaCodec.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ... | 7.8 | HIGH | — | 0 |
| CVE-2023-21001 In onContextItemSelected of NetworkProviderSettings.java, there is a possible way for users to change the Wi-Fi settings of other users due to a missing permission check. This could lead to local esca... | 7.8 | HIGH | — | 0 |
| CVE-2023-21002 In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no ... | 7.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.