VYPR

Android

by Google

CVEs (4,715)

  • CVE-2023-48416HigDec 8, 2023
    risk 0.49cvss 7.5epss 0.00

    In multiple locations, there is a possible null dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-48410HigDec 8, 2023
    risk 0.49cvss 7.5epss 0.00

    In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-48404HigDec 8, 2023
    risk 0.49cvss 7.5epss 0.00

    In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-48403HigDec 8, 2023
    risk 0.49cvss 7.5epss 0.00

    In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional with no additional execution…

  • CVE-2023-48398HigDec 8, 2023
    risk 0.49cvss 7.5epss 0.00

    In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed…

  • CVE-2023-21227HigDec 4, 2023
    risk 0.49cvss 7.5epss 0.00

    In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2022-42539HigNov 29, 2023
    risk 0.49cvss 7.5epss 0.00

    Information disclosure

  • CVE-2023-21391HigOct 30, 2023
    risk 0.49cvss 7.5epss 0.00

    In Messaging, there is a possible way to disable the messaging application due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21353HigOct 30, 2023
    risk 0.49cvss 7.5epss 0.00

    In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21347HigOct 30, 2023
    risk 0.49cvss 7.5epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21339HigOct 30, 2023
    risk 0.49cvss 7.5epss 0.00

    In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35663HigOct 18, 2023
    risk 0.49cvss 7.5epss 0.00

    In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35656HigOct 18, 2023
    risk 0.49cvss 7.5epss 0.00

    In multiple functions of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35661HigOct 11, 2023
    risk 0.49cvss 7.5epss 0.00

    In ProfSixDecomTcpSACKoption of RohcPacketCommon.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35652HigOct 11, 2023
    risk 0.49cvss 7.5epss 0.00

    In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for…

  • CVE-2023-21233HigAug 14, 2023
    risk 0.49cvss 7.5epss 0.00

    In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21265HigAug 14, 2023
    risk 0.49cvss 7.5epss 0.00

    In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35694HigJul 13, 2023
    risk 0.49cvss 7.5epss 0.00

    In DMPixelLogger_ProcessDmCommand of DMPixelLogger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21224HigJun 28, 2023
    risk 0.49cvss 7.5epss 0.00

    In ss_ProcessReturnResultComponent of ss_MmConManagement.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21220HigJun 28, 2023
    risk 0.49cvss 7.5epss 0.00

    there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

Page 114 of 236