CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20977
https://notcve.org/view.php?id=CVE-2023-20977
24 Mar 2023 — In btm_ble_read_remote_features_complete of btm_ble_gap.cc, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445952 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20952
https://notcve.org/view.php?id=CVE-2023-20952
24 Mar 2023 — In A2DP_BuildCodecHeaderSbc of a2dp_sbc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-186803518 • https://source.android.com/security/bulletin/2023-03-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21027
https://notcve.org/view.php?id=CVE-2023-21027
24 Mar 2023 — In multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-216854451 • https://source.android.com/security/bulletin/pixel/2023-06-01 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20985
https://notcve.org/view.php?id=CVE-2023-20985
24 Mar 2023 — In BTA_GATTS_HandleValueIndication of bta_gatts_api.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245915315 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20980
https://notcve.org/view.php?id=CVE-2023-20980
24 Mar 2023 — In btu_ble_ll_conn_param_upd_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260230274 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20990
https://notcve.org/view.php?id=CVE-2023-20990
24 Mar 2023 — In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568354 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21018
https://notcve.org/view.php?id=CVE-2023-21018
24 Mar 2023 — In UnwindingWorker of unwinding.cc, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233338564 • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20984
https://notcve.org/view.php?id=CVE-2023-20984
24 Mar 2023 — In ParseBqrLinkQualityEvt of btif_bqr.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242993878 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2023-20955
https://notcve.org/view.php?id=CVE-2023-20955
24 Mar 2023 — In onPrepareOptionsMenu of AppInfoDashboardFragment.java, there is a possible way to bypass admin restrictions and uninstall applications for all users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258653813 • https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2023-20955 • CWE-862: Missing Authorization •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20968
https://notcve.org/view.php?id=CVE-2023-20968
24 Mar 2023 — In multiple functions of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262235935 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •