CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-33916
https://notcve.org/view.php?id=CVE-2023-33916
In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges En vowifiservice es posible que falte una comprobación de permisos. Esto podría dar lugar a la divulgación de información local sin privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434 • CWE-862: Missing Authorization •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4363
https://notcve.org/view.php?id=CVE-2023-4363
Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium) Una implementación inadecuada en WebShare en Google Chrome en Android anterior a 116.0.5845.96 permitía a un atacante remoto falsificar el contenido de una URL de diálogo a través de una página HTML manipulada. (Gravedad de seguridad de Chromium: Media) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1367085 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4361
https://notcve.org/view.php?id=CVE-2023-4361
Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium) Una implementación inadecuada en Autofill en Google Chrome en Android anterior a 116.0.5845.96 permitía a un atacante remoto saltarse las restricciones de Autofill a través de una página HTML elaborada. (Gravedad de seguridad de Chromium: Media) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1465230 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4350
https://notcve.org/view.php?id=CVE-2023-4350
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1454817 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21229
https://notcve.org/view.php?id=CVE-2023-21229
In registerServiceLocked of ManagedServices.java, there is a possible bypass of background activity launch restrictions due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. • https://source.android.com/security/bulletin/wear/2023-08-01 •