Search CVE reports
11 – 20 of 608 results
CVE-2023-21266
Medium priorityIn killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution...
1 affected package
android-framework-23
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21253
Medium priorityIn multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed...
1 affected package
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21244
Medium priorityIn visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction...
1 affected package
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-4039
Medium prioritySome fixes available 21 of 200
**DISPUTED**A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this...
65 affected packages
gcc-10, gcc-10-cross, gcc-10-cross-mipsen, gcc-10-cross-ports, gcc-11...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gcc-10 | Fixed | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-10-cross | Fixed | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-10-cross-mipsen | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-10-cross-ports | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-11 | Fixed | Vulnerable | Not in release | Not in release | Not in release |
gcc-11-cross | Fixed | Vulnerable | Not in release | Not in release | Not in release |
gcc-11-cross-mipsen | Needs evaluation | Not in release | Not in release | Not in release | Not in release |
gcc-11-cross-ports | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
gcc-12 | Fixed | Vulnerable | Not in release | Not in release | Not in release |
gcc-12-cross | Fixed | Vulnerable | Not in release | Not in release | Not in release |
gcc-12-cross-mipsen | Needs evaluation | Not in release | Not in release | Not in release | Not in release |
gcc-12-cross-ports | Needs evaluation | Needs evaluation | Not in release | Not in release | Not in release |
gcc-13 | Fixed | Not in release | Not in release | Not in release | Not in release |
gcc-13-cross | Not affected | Not in release | Not in release | Not in release | Not in release |
gcc-13-cross-ports | Fixed | Not in release | Not in release | Not in release | Not in release |
gcc-3.3 | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-4.4 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.6 | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-4.7 | Not in release | Not in release | Not in release | Not in release | Ignored |
gcc-4.7-armel-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.7-armhf-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
gcc-4.8-arm64-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-armhf-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.8-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-4.9 | Not in release | Not in release | Not in release | Not in release | Ignored |
gcc-4.9-cross | Not in release | Not in release | Not in release | Ignored | Needs evaluation |
gcc-5 | Not in release | Not in release | Not in release | Needs evaluation | Ignored |
gcc-5-cross | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
gcc-5-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
gcc-6 | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-6-cross | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-6-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-7 | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-7-cross | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-7-cross-ports | Not in release | Not in release | Not in release | Needs evaluation | Not in release |
gcc-8 | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-8-cross | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-8-cross-ports | Not in release | Not in release | Needs evaluation | Needs evaluation | Not in release |
gcc-9 | Fixed | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-9-cross | Fixed | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-9-cross-mipsen | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-9-cross-ports | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Not in release |
gcc-arm-linux-androideabi | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-arm-none-eabi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-avr | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-defaults | Not affected | Not affected | Not affected | Not affected | Not affected |
gcc-defaults-arm64-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armel-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-armhf-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-powerpc-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-defaults-ppc64el-cross | Not in release | Not in release | Not in release | Not in release | Not in release |
gcc-h8300-hms | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-i686-linux-android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
gcc-m68hc1x | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-mingw-w64 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-msp430 | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-opt | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-or1k-elf | Needs evaluation | Needs evaluation | Not in release | Ignored | Ignored |
gcc-riscv64-unknown-elf | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Ignored |
gcc-snapshot | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
gcc-xtensa-lx106 | Not in release | Needs evaluation | Needs evaluation | Ignored | Ignored |
gccgo-4.9 | Not in release | Not in release | Not in release | Not in release | Not in release |
gccgo-6 | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
CVE-2023-35683
Medium priorityIn bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User...
1 affected package
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21137
Medium priorityIn several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
1 affected package
android-framework-23
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21136
Medium priorityIn multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed....
1 affected package
android-framework-23
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21123
Medium priorityIn multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21122
Medium priorityIn various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21105
Medium priorityIn multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |