CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21005
https://notcve.org/view.php?id=CVE-2023-21005
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261193946 • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21027
https://notcve.org/view.php?id=CVE-2023-21027
In multiple functions of PasspointXmlUtils.java, there is a possible authentication misconfiguration due to a logic error in the code. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-216854451 • https://source.android.com/security/bulletin/pixel/2023-06-01 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21028
https://notcve.org/view.php?id=CVE-2023-21028
In parse_printerAttributes of ipphelper.c, there is a possible out of bounds read due to a string without a null-terminator. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-180680572 • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20532
https://notcve.org/view.php?id=CVE-2022-20532
In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-232242894 • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21006
https://notcve.org/view.php?id=CVE-2023-21006
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257030027 • https://source.android.com/security/bulletin/pixel/2023-03-01 • CWE-125: Out-of-bounds Read •