CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21191
https://notcve.org/view.php?id=CVE-2023-21191
In fixNotification of NotificationManagerService.java, there is a possible bypass of notification hide preference due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-269738057 • https://source.android.com/security/bulletin/pixel/2023-06-01 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21200
https://notcve.org/view.php?id=CVE-2023-21200
In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236688764 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21174
https://notcve.org/view.php?id=CVE-2023-21174
In isPageSearchEnabled of BillingCycleSettings.java, there is a possible way for the guest user to change data limits due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235822222 • https://source.android.com/security/bulletin/pixel/2023-06-01 •
CVSS: 6.8EPSS: 0%CPEs: 57EXPL: 0CVE-2023-21513
https://notcve.org/view.php?id=CVE-2023-21513
Improper privilege management vulnerability in CC Mode prior to SMR Jun-2023 Release 1 allows physical attackers to manipulate device to operate in way that results in unexpected behavior in CC Mode under specific condition. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=06 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21205
https://notcve.org/view.php?id=CVE-2023-21205
In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245376 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-502: Deserialization of Untrusted Data •