Total
7899 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-40640 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | |||||
| CVE-2023-40639 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | |||||
| CVE-2023-40638 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| In Telecom service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed | |||||
| CVE-2023-40637 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges | |||||
| CVE-2023-40636 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with System execution privileges needed | |||||
| CVE-2023-40635 | 2 Google, Unisoc | 11 Android, S8000, Sc9863a and 8 more | 2024-11-21 | N/A | 7.8 HIGH |
| In linkturbo, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | |||||
| CVE-2023-40634 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 7.8 HIGH |
| In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed | |||||
| CVE-2023-40633 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In phasecheckserver, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | |||||
| CVE-2023-40632 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
| In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed | |||||
| CVE-2023-40631 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| In Dialer, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed | |||||
| CVE-2023-40142 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In TBD of TBD, there is a possible way to bypass carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40141 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In temp_residency_name_store of thermal_metrics.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40140 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40139 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40138 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
| In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40137 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
| In multiple functions of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40136 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
| In setHeader of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40135 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
| In applyCustomDescription of SaveUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40134 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
| In isFullScreen of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40133 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In multiple locations of DialogFillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||