Total
8334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23278 | 4 Apple, Google, Linux and 1 more | 11 Macos, Android, Linux Kernel and 8 more | 2023-06-29 | 4.3 MEDIUM | 5.9 MEDIUM |
| Microsoft Defender for Endpoint Spoofing Vulnerability | |||||
| CVE-2022-30715 | 1 Google | 1 Android | 2023-06-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window. | |||||
| CVE-2022-28782 | 1 Google | 1 Android | 2023-06-28 | 2.1 LOW | 4.6 MEDIUM |
| Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability. | |||||
| CVE-2023-20985 | 1 Google | 1 Android | 2023-06-28 | N/A | 7.8 HIGH |
| In BTA_GATTS_HandleValueIndication of bta_gatts_api.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245915315 | |||||
| CVE-2023-20981 | 1 Google | 1 Android | 2023-06-28 | N/A | 4.4 MEDIUM |
| In btu_ble_rc_param_req_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-256165737 | |||||
| CVE-2023-20990 | 1 Google | 1 Android | 2023-06-28 | N/A | 4.4 MEDIUM |
| In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568354 | |||||
| CVE-2023-20984 | 1 Google | 1 Android | 2023-06-28 | N/A | 4.4 MEDIUM |
| In ParseBqrLinkQualityEvt of btif_bqr.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242993878 | |||||
| CVE-2023-20991 | 1 Google | 1 Android | 2023-06-28 | N/A | 4.4 MEDIUM |
| In btm_ble_process_periodic_adv_sync_lost_evt of ble_scanner_hci_interface.cc , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255305114 | |||||
| CVE-2023-20982 | 1 Google | 1 Android | 2023-06-28 | N/A | 4.4 MEDIUM |
| In btm_read_tx_power_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568083 | |||||
| CVE-2023-20987 | 1 Google | 1 Android | 2023-06-28 | N/A | 4.5 MEDIUM |
| In btm_read_link_quality_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569414 | |||||
| CVE-2023-20980 | 1 Google | 1 Android | 2023-06-28 | N/A | 5.5 MEDIUM |
| In btu_ble_ll_conn_param_upd_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260230274 | |||||
| CVE-2023-20983 | 1 Google | 1 Android | 2023-06-28 | N/A | 4.4 MEDIUM |
| In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569449 | |||||
| CVE-2023-20992 | 1 Google | 1 Android | 2023-06-28 | N/A | 4.5 MEDIUM |
| In on_iso_link_quality_read of btm_iso_impl.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568750 | |||||
| CVE-2023-20986 | 1 Google | 1 Android | 2023-06-28 | N/A | 4.4 MEDIUM |
| In btm_ble_clear_resolving_list_completecomplete of btm_ble_privacy.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255304475 | |||||
| CVE-2022-27835 | 1 Google | 1 Android | 2023-06-28 | 9.3 HIGH | 7.8 HIGH |
| Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write. | |||||
| CVE-2022-26090 | 1 Google | 1 Android | 2023-06-27 | 2.1 LOW | 3.3 LOW |
| Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows that attackers can access contact information without permission. | |||||
| CVE-2022-25817 | 1 Google | 1 Android | 2023-06-27 | 2.1 LOW | 3.3 LOW |
| Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate pinned-shortcut without user consent. | |||||
| CVE-2022-22272 | 1 Google | 1 Android | 2023-06-27 | 2.1 LOW | 3.3 LOW |
| Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission | |||||
| CVE-2022-23433 | 2 Google, Samsung | 2 Android, Reminder | 2023-06-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely. | |||||
| CVE-2022-24932 | 2 Google, Samsung | 2 Android, Cloud | 2023-06-27 | 2.1 LOW | 4.6 MEDIUM |
| Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attacker package installation before finishing Setup wizard. | |||||