Total
6434 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-2054 | 2 Canonical, Google | 2 Ubuntu Linux, Android | 2023-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-119769499 | |||||
| CVE-2021-26277 | 2 Google, Vivo | 2 Android, Frame Service | 2023-02-28 | N/A | 9.8 CRITICAL |
| The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions. | |||||
| CVE-2020-0404 | 2 Google, Oracle | 4 Android, Communications Cloud Native Core Binding Support Function, Communications Cloud Native Core Network Exposure Function and 1 more | 2023-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel | |||||
| CVE-2018-9568 | 4 Canonical, Google, Linux and 1 more | 9 Ubuntu Linux, Android, Linux Kernel and 6 more | 2023-02-24 | 7.2 HIGH | 7.8 HIGH |
| In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. | |||||
| CVE-2023-23374 | 2 Google, Microsoft | 2 Android, Edge Chromium | 2023-02-23 | N/A | 8.3 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2023-20927 | 1 Google | 1 Android | 2023-02-23 | N/A | 7.8 HIGH |
| In permissions of AndroidManifest.xml, there is a possible way to grant signature permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244216503 | |||||
| CVE-2023-20949 | 1 Google | 1 Android | 2023-02-23 | N/A | 5.5 MEDIUM |
| In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323133References: N/A | |||||
| CVE-2022-20144 | 1 Google | 1 Android | 2023-02-23 | 7.2 HIGH | 7.8 HIGH |
| In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-250637906 | |||||
| CVE-2022-20369 | 2 Debian, Google | 2 Debian Linux, Android | 2023-02-23 | N/A | 6.7 MEDIUM |
| In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel | |||||
| CVE-2022-42783 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-22 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-47451 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-22 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-47452 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-22 | N/A | 5.5 MEDIUM |
| In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-44447 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible null pointer dereference issue due to a missing bounds check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-44448 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-44421 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing permission check. This could lead to local In wlan driver, information disclosure. | |||||
| CVE-2022-47329 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. | |||||
| CVE-2022-47331 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 4.7 MEDIUM |
| In wlan driver, there is a race condition. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-47330 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. | |||||
| CVE-2022-47327 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. | |||||
| CVE-2022-47326 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-02-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing permission check. This could lead to local information disclosure. | |||||