Search CVE reports


Toggle filters

21 – 30 of 608 results


CVE-2023-21035

Medium priority
Ignored

In multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. This could lead to local escalation of...

1 affected package

android-framework-23

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-21034

Medium priority
Ignored

In multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction...

1 affected package

android-platform-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-platform-tools Ignored Ignored Not in release Not in release Ignored
Show less packages

CVE-2023-21031

Medium priority
Ignored

In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...

2 affected packages

android-platform-frameworks-native, android-platform-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-platform-frameworks-native Ignored Ignored Ignored Ignored Ignored
android-platform-tools Ignored Ignored Not in release Not in release Ignored
Show less packages

CVE-2023-20964

Medium priority
Ignored

In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a confused deputy. This could lead to local denial of service or escalation of privilege with no additional execution privileges...

1 affected package

android-framework-23

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-20953

Medium priority
Ignored

In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to bypass factory reset protection due to incorrect UI being shown prior to setup completion. This could lead to local escalation of privilege with...

2 affected packages

android-framework-23, android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-20917

Medium priority
Ignored

In onTargetSelected of ResolverActivity.java, there is a possible way to share a wrong file due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...

2 affected packages

android-framework-23, android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-framework-23 Ignored Ignored Ignored Ignored Ignored
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-20910

Medium priority
Ignored

In add of WifiNetworkSuggestionsManager.java, there is a possible way to trigger permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction...

1 affected package

android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2022-20499

Medium priority
Ignored

In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed...

1 affected package

android-platform-frameworks-base

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android-platform-frameworks-base Ignored Ignored Ignored Ignored Ignored
Show less packages

CVE-2023-0136

Medium priority

Some fixes available 1 of 2

Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. (Chromium security severity: Medium)

2 affected packages

android, chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android Not in release Not in release Not in release Needs evaluation
chromium-browser Not affected Not affected Not affected Fixed Ignored
Show less packages

CVE-2023-0133

Medium priority

Some fixes available 1 of 2

Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. (Chromium security severity: Medium)

2 affected packages

android, chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
android Not in release Not in release Not in release Needs evaluation
chromium-browser Not affected Not affected Not affected Fixed Ignored
Show less packages