Search CVE reports
1 – 10 of 44 results
CVE-2024-40662
Medium priorityIn scheme of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-0053
Medium priorityIn getCustomPrinterIcon of PrintManagerService.java, there is a possible way to view other user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed....
1 affected packages
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-0048
Medium priorityIn Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privilege with no additional...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-0046
Medium priorityIn installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional...
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-40094
Medium priorityIn keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed....
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-40074
Medium priorityIn saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
2 affected packages
android-framework-23, android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-framework-23 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-40073
Medium priorityIn visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...
1 affected packages
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-35668
Medium priorityIn visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed....
1 affected packages
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-21291
Medium priorityIn visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User...
1 affected packages
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-21253
Medium priorityIn multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed...
1 affected packages
android-platform-frameworks-base
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android-platform-frameworks-base | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |