Total
7741 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-21263 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21228 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21227 | 1 Google | 1 Android | 2023-12-22 | N/A | 7.5 HIGH |
In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21218 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21217 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In PMRWritePMPageList of TBD, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21216 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21215 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In DevmemIntAcquireRemoteCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21166 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In RGXBackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21164 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In DevmemIntMapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21163 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In PMR_ReadBytes of pmr.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-21162 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
In RGXUnbackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2023-42579 | 2 Google, Samsung | 2 Android, Samsung Keyboard | 2023-12-12 | N/A | 5.3 MEDIUM |
Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to versions 5.3.70.1 in Android 11, 5.4.60.49, 5.4.85.5, 5.5.00.58 in Android 12, and 5.6.00.52, 5.6.10.42, 5.7.00.45 in Android 13 allows adjacent attackers to access keystroke data using Man-in-the-Middle attack. | |||||
CVE-2023-32847 | 2 Google, Mediatek | 47 Android, Mt2713, Mt6580 and 44 more | 2023-12-10 | N/A | 7.8 HIGH |
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940. | |||||
CVE-2023-42698 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-12-10 | N/A | 5.5 MEDIUM |
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
CVE-2023-22448 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2023-12-10 | N/A | 7.2 HIGH |
Improper access control for some Intel Unison software may allow a privileged user to potentially enable escalation of privilege via network access. | |||||
CVE-2023-42749 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-12-10 | N/A | 5.5 MEDIUM |
In enginnermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
CVE-2023-42731 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2023-12-10 | N/A | 4.4 MEDIUM |
In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | |||||
CVE-2022-46298 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2023-12-10 | N/A | 4.4 MEDIUM |
Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. | |||||
CVE-2023-39221 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2023-12-10 | N/A | 8.8 HIGH |
Improper access control for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access. | |||||
CVE-2022-42537 | 1 Google | 1 Android | 2023-12-10 | N/A | 9.8 CRITICAL |
Remote code execution |