Total
6434 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20635 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2023-03-12 | N/A | 4.4 MEDIUM |
| In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07563028. | |||||
| CVE-2023-20636 | 2 Google, Mediatek | 5 Android, Mt6895, Mt6985 and 2 more | 2023-03-12 | N/A | 6.7 MEDIUM |
| In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292593; Issue ID: ALPS07292593. | |||||
| CVE-2023-20637 | 2 Google, Mediatek | 14 Android, Mt6879, Mt6895 and 11 more | 2023-03-12 | N/A | 6.7 MEDIUM |
| In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628588; Issue ID: ALPS07628588. | |||||
| CVE-2023-1223 | 1 Google | 2 Android, Chrome | 2023-03-10 | N/A | 4.3 MEDIUM |
| Insufficient policy enforcement in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1228 | 1 Google | 2 Android, Chrome | 2023-03-10 | N/A | 4.3 MEDIUM |
| Insufficient policy enforcement in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1230 | 1 Google | 2 Android, Chrome | 2023-03-10 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1231 | 1 Google | 2 Android, Chrome | 2023-03-10 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to potentially spoof the contents of the omnibox via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2023-1234 | 1 Google | 2 Android, Chrome | 2023-03-10 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2023-20649 | 2 Google, Mediatek | 37 Android, Mt6761, Mt6762 and 34 more | 2023-03-10 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628607; Issue ID: ALPS07628607. | |||||
| CVE-2023-20651 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2023-03-10 | N/A | 4.4 MEDIUM |
| In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629576; Issue ID: ALPS07629576. | |||||
| CVE-2023-20650 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2023-03-10 | N/A | 6.7 MEDIUM |
| In apu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629577; Issue ID: ALPS07629577. | |||||
| CVE-2023-20642 | 2 Google, Mediatek | 14 Android, Mt6879, Mt6895 and 11 more | 2023-03-10 | N/A | 6.7 MEDIUM |
| In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628586; Issue ID: ALPS07628586. | |||||
| CVE-2023-20643 | 2 Google, Mediatek | 26 Android, Mt6739, Mt6761 and 23 more | 2023-03-10 | N/A | 6.7 MEDIUM |
| In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628584; Issue ID: ALPS07628584. | |||||
| CVE-2023-20644 | 2 Google, Mediatek | 33 Android, Mt6580, Mt6739 and 30 more | 2023-03-10 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628603; Issue ID: ALPS07628603. | |||||
| CVE-2023-20647 | 2 Google, Mediatek | 33 Android, Mt6739, Mt6761 and 30 more | 2023-03-10 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628547; Issue ID: ALPS07628547. | |||||
| CVE-2023-20645 | 2 Google, Mediatek | 20 Android, Mt6739, Mt6761 and 17 more | 2023-03-10 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628609; Issue ID: ALPS07628609. | |||||
| CVE-2023-20646 | 2 Google, Mediatek | 44 Android, Mt6737, Mt6739 and 41 more | 2023-03-10 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628536; Issue ID: ALPS07628536. | |||||
| CVE-2023-20648 | 2 Google, Mediatek | 38 Android, Mt6761, Mt6762 and 35 more | 2023-03-10 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628612; Issue ID: ALPS07628612. | |||||
| CVE-2022-20551 | 1 Google | 1 Android | 2023-03-09 | N/A | 6.7 MEDIUM |
| In createTrack of AudioFlinger.cpp, there is a possible way to record audio without a privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-243376549 | |||||
| CVE-2022-20481 | 1 Google | 1 Android | 2023-03-09 | N/A | 5.5 MEDIUM |
| In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241927115 | |||||