Total
3190 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32880 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2024-01-05 | N/A | 4.4 MEDIUM |
| In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076. | |||||
| CVE-2023-32879 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2024-01-05 | N/A | 6.7 MEDIUM |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308064. | |||||
| CVE-2023-32878 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2024-01-05 | N/A | 4.4 MEDIUM |
| In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992. | |||||
| CVE-2023-32877 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2024-01-05 | N/A | 6.7 MEDIUM |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308070. | |||||
| CVE-2023-32876 | 2 Google, Mediatek | 58 Android, Mt6580, Mt6731 and 55 more | 2024-01-05 | N/A | 4.4 MEDIUM |
| In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612. | |||||
| CVE-2023-32875 | 2 Google, Mediatek | 58 Android, Mt6580, Mt6731 and 55 more | 2024-01-05 | N/A | 4.4 MEDIUM |
| In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217. | |||||
| CVE-2023-32872 | 2 Google, Mediatek | 58 Android, Mt6580, Mt6731 and 55 more | 2024-01-05 | N/A | 6.7 MEDIUM |
| In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607. | |||||
| CVE-2021-38641 | 2 Google, Microsoft | 2 Android, Edge | 2023-12-28 | 4.0 MEDIUM | 6.1 MEDIUM |
| Microsoft Edge for Android Spoofing Vulnerability | |||||
| CVE-2021-26439 | 2 Google, Microsoft | 2 Android, Edge | 2023-12-28 | 4.3 MEDIUM | 4.6 MEDIUM |
| Microsoft Edge for Android Information Disclosure Vulnerability | |||||
| CVE-2022-26475 | 3 Google, Linuxfoundation, Mediatek | 42 Android, Yocto, Mt6761 and 39 more | 2023-12-22 | N/A | 6.7 MEDIUM |
| In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743. | |||||
| CVE-2023-45781 | 1 Google | 1 Android | 2023-12-22 | N/A | 5.5 MEDIUM |
| In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-35668 | 1 Google | 1 Android | 2023-12-22 | N/A | 5.5 MEDIUM |
| In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21394 | 1 Google | 1 Android | 2023-12-22 | N/A | 5.5 MEDIUM |
| In registerPhoneAccount of TelecomServiceImpl.java, there is a possible way to reveal images from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-42579 | 2 Google, Samsung | 2 Android, Samsung Keyboard | 2023-12-12 | N/A | 5.3 MEDIUM |
| Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middle attack. | |||||
| CVE-2023-42698 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-12-10 | N/A | 5.5 MEDIUM |
| In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42749 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-12-10 | N/A | 5.5 MEDIUM |
| In enginnermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-42731 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2023-12-10 | N/A | 4.4 MEDIUM |
| In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2022-46298 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2023-12-10 | N/A | 4.4 MEDIUM |
| Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2023-42744 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-12-10 | N/A | 5.5 MEDIUM |
| In telecom service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2022-48462 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-12-10 | N/A | 5.5 MEDIUM |
| In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | |||||