VYPR

Android SDK

by Google

CVEs (1,765)

  • CVE-2023-21027Mar 24, 2023
    risk 0.00cvss epss 0.00

    In multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-20957Mar 24, 2023
    risk 0.00cvss epss 0.00

    In onAttach of SettingsPreferenceFragment.java, there is a possible bypass of Factory Reset Protections due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-20990Mar 24, 2023
    risk 0.00cvss epss 0.00

    In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-20992Mar 24, 2023
    risk 0.00cvss epss 0.00

    In on_iso_link_quality_read of btm_iso_impl.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for…

  • CVE-2023-20975Mar 24, 2023
    risk 0.00cvss epss 0.00

    In getAvailabilityStatus of EnableContentCapturePreferenceController.java, there is a possible way to bypass DISALLOW_CONTENT_CAPTURE due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is…

  • CVE-2023-21018Mar 24, 2023
    risk 0.00cvss epss 0.00

    In UnwindingWorker of unwinding.cc, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21035Mar 24, 2023
    risk 0.00cvss epss 0.00

    In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges…

  • CVE-2023-21021Mar 24, 2023
    risk 0.00cvss epss 0.00

    In isTargetSdkLessThanQOrPrivileged of WifiServiceImpl.java, there is a possible way for the guest user to change admin user network settings due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2023-21000Mar 24, 2023
    risk 0.00cvss epss 0.00

    In MediaCodec.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:…

  • CVE-2023-21032Mar 24, 2023
    risk 0.00cvss epss 0.00

    In _ufdt_output_node_to_fdt of ufdt_convert.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20467Mar 24, 2023
    risk 0.00cvss epss 0.00

    In isBluetoothShareUri of BluetoothOppUtility.java, there is a possible incorrect file read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2023-20983Mar 24, 2023
    risk 0.00cvss epss 0.00

    In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-20952Mar 24, 2023
    risk 0.00cvss epss 0.00

    In A2DP_BuildCodecHeaderSbc of a2dp_sbc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-20972Mar 24, 2023
    risk 0.00cvss epss 0.00

    In btm_vendor_specific_evt of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21003Mar 24, 2023
    risk 0.00cvss epss 0.00

    In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-20936Mar 24, 2023
    risk 0.00cvss epss 0.00

    In bta_av_rc_disc_done of bta_av_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-20984Mar 24, 2023
    risk 0.00cvss epss 0.00

    In ParseBqrLinkQualityEvt of btif_bqr.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-20982Mar 24, 2023
    risk 0.00cvss epss 0.00

    In btm_read_tx_power_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for…

  • CVE-2023-20955Mar 24, 2023
    risk 0.00cvss epss 0.00

    In onPrepareOptionsMenu of AppInfoDashboardFragment.java, there is a possible way to bypass admin restrictions and uninstall applications for all users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges…

  • CVE-2022-20481Feb 28, 2023
    risk 0.00cvss epss 0.00

    In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

Page 21 of 89