VYPR

Android SDK

by Google

CVEs (1,763)

  • CVE-2023-21209Jun 28, 2023
    risk 0.00cvss epss 0.00

    In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21208Jun 28, 2023
    risk 0.00cvss epss 0.00

    In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21170Jun 28, 2023
    risk 0.00cvss epss 0.00

    In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21211Jun 28, 2023
    risk 0.00cvss epss 0.00

    In multiple files, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android…

  • CVE-2023-21213Jun 28, 2023
    risk 0.00cvss epss 0.00

    In initiateTdlsTeardownInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for…

  • CVE-2023-21199Jun 28, 2023
    risk 0.00cvss epss 0.00

    In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21200Jun 28, 2023
    risk 0.00cvss epss 0.00

    In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21187Jun 28, 2023
    risk 0.00cvss epss 0.00

    In onCreate of UsbAccessoryUriActivity.java, there is a possible way to escape the Setup Wizard due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21176Jun 28, 2023
    risk 0.00cvss epss 0.00

    In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21179Jun 28, 2023
    risk 0.00cvss epss 0.00

    In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21181Jun 28, 2023
    risk 0.00cvss epss 0.00

    In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21153Jun 28, 2023
    risk 0.00cvss epss 0.00

    In Do_AIMS_SET_CALL_WAITING of imsservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21204Jun 28, 2023
    risk 0.00cvss epss 0.00

    In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21149Jun 28, 2023
    risk 0.00cvss epss 0.00

    In registerGsmaServiceIntentReceiver of ShannonRcsService.java, there is a possible way to activate/deactivate RCS service due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…

  • CVE-2023-21197Jun 28, 2023
    risk 0.00cvss epss 0.00

    In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21205Jun 28, 2023
    risk 0.00cvss epss 0.00

    In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21185Jun 28, 2023
    risk 0.00cvss epss 0.00

    In multiple functions of WifiNetworkFactory.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21188Jun 28, 2023
    risk 0.00cvss epss 0.00

    In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21172Jun 28, 2023
    risk 0.00cvss epss 0.00

    In multiple functions of WifiCallingSettings.java, there is a possible way to change calling preferences for the admin user due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…

  • CVE-2023-21190Jun 28, 2023
    risk 0.00cvss epss 0.00

    In btm_acl_encrypt_change of btm_acl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed.…

Page 13 of 89