Total
3190 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-6868 | 2 Google, Mozilla | 2 Android, Firefox | 2024-02-02 | N/A | 4.3 MEDIUM |
In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. *This bug only affects Firefox on Android.* This vulnerability affects Firefox < 121. | |||||
CVE-2024-21382 | 2 Google, Microsoft | 2 Android, Edge Chromium | 2024-01-31 | N/A | 4.3 MEDIUM |
Microsoft Edge for Android Information Disclosure Vulnerability | |||||
CVE-2023-4907 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2024-01-31 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2023-4903 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2024-01-31 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-4900 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2024-01-31 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-4363 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2024-01-31 | N/A | 4.3 MEDIUM |
Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-4361 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2024-01-31 | N/A | 5.3 MEDIUM |
Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-4350 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2024-01-31 | N/A | 6.5 MEDIUM |
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-3736 | 1 Google | 2 Android, Chrome | 2024-01-31 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 115.0.5790.98 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-48339 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-25 | N/A | 4.4 MEDIUM |
In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed | |||||
CVE-2023-48352 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-25 | N/A | 5.5 MEDIUM |
In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | |||||
CVE-2023-48357 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48356 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48355 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48354 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 5.5 MEDIUM |
In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed | |||||
CVE-2023-48358 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48359 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48353 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-24 | N/A | 4.4 MEDIUM |
In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2023-48351 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-19 | N/A | 5.5 MEDIUM |
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | |||||
CVE-2023-48350 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-01-19 | N/A | 5.5 MEDIUM |
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed |