Product:

Android

(Google)
Repositories https://github.com/torvalds/linux
#Vulnerabilities 7304
Date Id Summary Products Score Patch Annotated
2023-09-27 CVE-2023-44129 The vulnerability is that the Messaging ("com.android.mms") app patched by LG forwards attacker-controlled intents back to the attacker in the exported "com.android.mms.ui.QClipIntentReceiverActivity" activity. The attacker can abuse this functionality by launching this activity and then sending a broadcast with the "com.lge.message.action.QCLIP" action. The attacker can send, e.g., their own data/clipdata and set Intent.FLAG_GRANT_* flags. After the attacker received that intent in the... Android 3.3
2023-09-27 CVE-2023-44216 PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin. Ryzen_5_7600x, Ryzen_7_4800u, M1_mac_mini, Macos, Ubuntu_linux, Android, Pixel_6, Core_i7\-10510u, Core_i7\-10610u, Core_i7\-11800h, Core_i7\-12700k, Core_i7\-8700, Windows_10, Windows_11, Geforce_rtx_2080_super, Geforce_rtx_3060 5.3
2023-10-02 CVE-2023-32820 In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637. Android, Linux_kernel, Yocto, Iot_yocto 7.5
2023-10-02 CVE-2023-32819 In display, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS08014138. Android 4.4
2023-10-02 CVE-2023-32822 In ftm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07994229; Issue ID: ALPS07994229. Android 6.7
2023-10-02 CVE-2023-32821 In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433. Android 6.7
2023-10-02 CVE-2023-32823 In rpmb , there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912966. Android 6.7
2023-10-02 CVE-2023-32826 In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544. Android 6.7
2023-10-02 CVE-2023-32824 In rpmb , there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912961. Android 6.7
2023-10-02 CVE-2023-32827 In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539. Android 6.7