Page 166 of 1479 results (0.012 seconds)

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262244249 • https://source.android.com/security/bulletin/2023-06-01 •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-239414876 • https://source.android.com/security/bulletin/2023-06-01 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible activity launch while the app is in the background due to a BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-274759612 • https://source.android.com/security/bulletin/2023-06-01 •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-273260090 • https://source.android.com/security/bulletin/2023-06-01 • CWE-20: Improper Input Validation •

CVSS: 6.7EPSS: 0%CPEs: 43EXPL: 0

In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only). • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-787: Out-of-bounds Write •