VYPR

Android

by Google

CVEs (4,717)

  • CVE-2023-48414MedDec 8, 2023
    risk 0.44cvss 6.7epss 0.00

    In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-48406MedDec 8, 2023
    risk 0.44cvss 6.7epss 0.00

    there is a possible permanent DoS or way for the modem to boot unverified firmware due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-48405MedDec 8, 2023
    risk 0.44cvss 6.7epss 0.00

    there is a possible way for the secure world to write to NS memory due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21380MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21371MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In Secure Element, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21370MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21360MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In Bluetooth, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21310MedOct 30, 2023
    risk 0.44cvss 6.7epss 0.00

    In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35660MedOct 11, 2023
    risk 0.44cvss 6.7epss 0.00

    In lwis_transaction_client_cleanup of lwis_transaction.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35655MedOct 11, 2023
    risk 0.44cvss 6.7epss 0.00

    In CanConvertPadV2Op of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-35654MedOct 11, 2023
    risk 0.44cvss 6.7epss 0.00

    In ctrl_roi of stmvl53l1_module.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21244MedOct 6, 2023
    risk 0.44cvss 6.7epss 0.00

    In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21264MedAug 14, 2023
    risk 0.44cvss 6.7epss 0.00

    In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2023-21140MedAug 14, 2023
    risk 0.44cvss 6.8epss 0.00

    In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution…

  • CVE-2023-21134MedAug 14, 2023
    risk 0.44cvss 6.8epss 0.00

    In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution…

  • CVE-2023-21133MedAug 14, 2023
    risk 0.44cvss 6.8epss 0.00

    In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution…

  • CVE-2023-21132MedAug 14, 2023
    risk 0.44cvss 6.8epss 0.00

    In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution…

  • CVE-2023-35693MedJul 13, 2023
    risk 0.44cvss 6.7epss 0.00

    In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21400MedJul 13, 2023
    risk 0.44cvss 6.7epss 0.00

    In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

  • CVE-2023-21203MedJun 28, 2023
    risk 0.44cvss 6.7epss 0.00

    In startWpsPbcInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

Page 139 of 236