Search CVE reports


Toggle filters

11 – 20 of 608 results


CVE-2023-21266

Medium priority
Ignored

In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution...

1 affected package

android-framework-23

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-21253

Medium priority
Ignored

In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed...

1 affected package

android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-21244

Medium priority
Ignored

In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction...

1 affected package

android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-4039

Medium priority

Some fixes available 21 of 200

**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this...

65 affected packages

gcc-10, gcc-10-cross, gcc-10-cross-mipsen, gcc-10-cross-ports, gcc-11...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
gcc-10 Fixed Needs evaluation Needs evaluation Not in release Not in release
gcc-10-cross Fixed Needs evaluation Needs evaluation Not in release Not in release
gcc-10-cross-mipsen Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
gcc-10-cross-ports Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
gcc-11 Fixed Vulnerable Not in release Not in release Not in release
gcc-11-cross Fixed Vulnerable Not in release Not in release Not in release
gcc-11-cross-mipsen Needs evaluation Not in release Not in release Not in release Not in release
gcc-11-cross-ports Needs evaluation Needs evaluation Not in release Not in release Not in release
gcc-12 Fixed Vulnerable Not in release Not in release Not in release
gcc-12-cross Fixed Vulnerable Not in release Not in release Not in release
gcc-12-cross-mipsen Needs evaluation Not in release Not in release Not in release Not in release
gcc-12-cross-ports Needs evaluation Needs evaluation Not in release Not in release Not in release
gcc-13 Fixed Not in release Not in release Not in release Not in release
gcc-13-cross Not affected Not in release Not in release Not in release Not in release
gcc-13-cross-ports Fixed Not in release Not in release Not in release Not in release
gcc-3.3 Not affected Not affected Not affected Not affected Not affected
gcc-4.4 Not in release Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Not in release Ignored
gcc-4.7-armel-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.7-armhf-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8 Not in release Not in release Not in release Needs evaluation Ignored
gcc-4.8-arm64-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-armhf-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-powerpc-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.9 Not in release Not in release Not in release Not in release Ignored
gcc-4.9-cross Not in release Not in release Not in release Ignored Needs evaluation
gcc-5 Not in release Not in release Not in release Needs evaluation Ignored
gcc-5-cross Not in release Not in release Not in release Needs evaluation Needs evaluation
gcc-5-cross-ports Not in release Not in release Not in release Needs evaluation Needs evaluation
gcc-6 Not in release Not in release Not in release Needs evaluation Not in release
gcc-6-cross Not in release Not in release Not in release Needs evaluation Not in release
gcc-6-cross-ports Not in release Not in release Not in release Needs evaluation Not in release
gcc-7 Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-7-cross Not in release Not in release Not in release Needs evaluation Not in release
gcc-7-cross-ports Not in release Not in release Not in release Needs evaluation Not in release
gcc-8 Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-8-cross Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-8-cross-ports Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-9 Fixed Needs evaluation Needs evaluation Not in release Not in release
gcc-9-cross Fixed Needs evaluation Needs evaluation Not in release Not in release
gcc-9-cross-mipsen Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
gcc-9-cross-ports Needs evaluation Needs evaluation Needs evaluation Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Not in release Needs evaluation
gcc-arm-none-eabi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-avr Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-defaults Not affected Not affected Not affected Not affected Not affected
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release Not in release
gcc-h8300-hms Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-i686-linux-android Not in release Not in release Not in release Not in release Needs evaluation
gcc-m68hc1x Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-mingw-w64 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-msp430 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-opt Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-or1k-elf Needs evaluation Needs evaluation Not in release Ignored Ignored
gcc-riscv64-unknown-elf Needs evaluation Needs evaluation Needs evaluation Ignored Ignored
gcc-snapshot Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-xtensa-lx106 Not in release Needs evaluation Needs evaluation Ignored Ignored
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Not in release Needs evaluation
Show all 65 packages Show less packages

CVE-2023-35683

Medium priority
Ignored

In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User...

1 affected package

android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-21137

Medium priority
Ignored

In several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

1 affected package

android-framework-23

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-21136

Medium priority
Ignored

In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed....

1 affected package

android-framework-23

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-21123

Medium priority
Ignored

In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with...

2 affected packages

android-framework-23, android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-21122

Medium priority
Ignored

In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with...

2 affected packages

android-framework-23, android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-21105

Medium priority
Ignored

In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...

2 affected packages

android-framework-23, android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages