CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21103
https://notcve.org/view.php?id=CVE-2023-21103
In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622 • https://source.android.com/security/bulletin/2023-05-01 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21109
https://notcve.org/view.php?id=CVE-2023-21109
In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261589597 • https://source.android.com/security/bulletin/2023-05-01 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21112
https://notcve.org/view.php?id=CVE-2023-21112
In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252763983 • https://source.android.com/security/bulletin/2023-05-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21110
https://notcve.org/view.php?id=CVE-2023-21110
In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258422365 • https://source.android.com/security/bulletin/2023-05-01 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.4EPSS: 0%CPEs: 28EXPL: 0CVE-2023-20719
https://notcve.org/view.php?id=CVE-2023-20719
In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583. • https://corp.mediatek.com/product-security-bulletin/May-2023 • CWE-20: Improper Input Validation •