CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21309
https://notcve.org/view.php?id=CVE-2023-21309
This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/android-14 • CWE-125: Out-of-bounds Read •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21307
https://notcve.org/view.php?id=CVE-2023-21307
This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/android-14 • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21306
https://notcve.org/view.php?id=CVE-2023-21306
In ContentService, there is a possible way to read installed sync content providers due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/android-14 • CWE-203: Observable Discrepancy •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21305
https://notcve.org/view.php?id=CVE-2023-21305
In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/android-14 • CWE-203: Observable Discrepancy •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21304
https://notcve.org/view.php?id=CVE-2023-21304
In Content Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/android-14 • CWE-203: Observable Discrepancy •