CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40074
https://notcve.org/view.php?id=CVE-2023-40074
04 Dec 2023 — In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. En saveToXml de PersistableBundle.java, los datos no válidos podrían provocar una denegación de servicio persistente local sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación. • https://android.googlesource.com/platform/frameworks/base/+/40e4ea759743737958dde018f3606d778f7a53f3 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-40073
https://notcve.org/view.php?id=CVE-2023-40073
04 Dec 2023 — In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. En visitUris de Notification.java, existe una posible lectura de medios entre usuarios debido a Confused Deputy. Esto podría dar lugar a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. • https://android.googlesource.com/platform/frameworks/base/+/fe6fef4f9c1f75c12bffa4a1d16d9990cc3fbc35 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35668
https://notcve.org/view.php?id=CVE-2023-35668
04 Dec 2023 — In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. En visitUris de Notification.java, existe una forma posible de mostrar imágenes de otro usuario debido a un diputado confundido. Esto podría dar lugar a la divulgación de información local sin necesidad de privilegios de ejecución adicionales. • https://android.googlesource.com/platform/frameworks/base/+/b7bd7df91740da680a5c3a84d8dd91b4ca6956dd •
CVSS: 6.7EPSS: 0%CPEs: 30EXPL: 0CVE-2023-32870
https://notcve.org/view.php?id=CVE-2023-32870
04 Dec 2023 — In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363740; Issue ID: ALPS07363740. En display drm, hay una posible lectura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 28EXPL: 0CVE-2023-32869
https://notcve.org/view.php?id=CVE-2023-32869
04 Dec 2023 — In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363689. En display drm, hay una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 28EXPL: 0CVE-2023-32868
https://notcve.org/view.php?id=CVE-2023-32868
04 Dec 2023 — In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363632. En display drm, hay una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 28EXPL: 0CVE-2023-32867
https://notcve.org/view.php?id=CVE-2023-32867
04 Dec 2023 — In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560793; Issue ID: ALPS07560793. En display drm, hay una posible escritura fuera de los límites debido a una verificación de los límites faltantes. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 28EXPL: 0CVE-2023-32866
https://notcve.org/view.php?id=CVE-2023-32866
04 Dec 2023 — In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342152; Issue ID: ALPS07342152. En mmp, existe una posible corrupción de la memoria debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 26EXPL: 0CVE-2023-32865
https://notcve.org/view.php?id=CVE-2023-32865
04 Dec 2023 — In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456. En display drm, hay una posible escritura fuera de los límites debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 27EXPL: 0CVE-2023-32864
https://notcve.org/view.php?id=CVE-2023-32864
04 Dec 2023 — In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292187; Issue ID: ALPS07292187. En display drm, hay una posible escritura fuera de los límites debido a una verificación de los límites incorrecta. • https://corp.mediatek.com/product-security-bulletin/December-2023 • CWE-787: Out-of-bounds Write •