Search CVE reports
21 – 30 of 608 results
CVE-2023-21035
Medium priorityIn multiple functions of BackupHelper.java, there is a possible way for an app to get permissions previously granted to another app with the same package name due to a permissions bypass. This could lead to local escalation of...
1 affected package
android-framework-23
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21034
Medium priorityIn multiple functions of SensorService.cpp, there is a possible access of accurate sensor data due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction...
1 affected package
android-platform-tools
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-tools | Ignored | Ignored | Not in release | Not in release | Ignored |
CVE-2023-21031
Medium priorityIn setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...
2 affected packages
android-platform-frameworks-native, android-platform-tools
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-native | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-tools | Ignored | Ignored | Not in release | Not in release | Ignored |
CVE-2023-20964
Medium priorityIn multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a confused deputy. This could lead to local denial of service or escalation of privilege with no additional execution privileges...
1 affected package
android-framework-23
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-20953
Medium priorityIn onPrimaryClipChanged of ClipboardListener.java, there is a possible way to bypass factory reset protection due to incorrect UI being shown prior to setup completion. This could lead to local escalation of privilege with...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-20917
Medium priorityIn onTargetSelected of ResolverActivity.java, there is a possible way to share a wrong file due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-20910
Medium priorityIn add of WifiNetworkSuggestionsManager.java, there is a possible way to trigger permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction...
1 affected package
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2022-20499
Medium priorityIn validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed...
1 affected package
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-0136
Medium prioritySome fixes available 1 of 2
Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. (Chromium security severity: Medium)
2 affected packages
android, chromium-browser
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | — | Not in release | Not in release | Not in release | Needs evaluation |
chromium-browser | Not affected | Not affected | Not affected | Fixed | Ignored |
CVE-2023-0133
Medium prioritySome fixes available 1 of 2
Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. (Chromium security severity: Medium)
2 affected packages
android, chromium-browser
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | — | Not in release | Not in release | Not in release | Needs evaluation |
chromium-browser | Not affected | Not affected | Not affected | Fixed | Ignored |