Search CVE reports
1 – 10 of 34 results
CVE-2024-40662
Medium priorityIn scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | — |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2024-0048
Medium priorityIn Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privilege with no additional...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | — |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2024-0046
Medium priorityIn installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | — |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-40094
Medium priorityIn keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed....
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-40074
Medium priorityIn saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21266
Medium priorityIn killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution...
1 affected package
android-framework-23
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21137
Medium priorityIn several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
1 affected package
android-framework-23
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21136
Medium priorityIn multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed....
1 affected package
android-framework-23
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21123
Medium priorityIn multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |
CVE-2023-21122
Medium priorityIn various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Ignored | Ignored | Ignored | Ignored | Ignored |
android-platform-frameworks-base | Ignored | Ignored | Ignored | Ignored | Ignored |