Filtered by vendor Google
Subscriptions
Total
13569 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32810 | 4 Google, Linux, Linuxfoundation and 1 more | 42 Android, Linux Kernel, Yocto and 39 more | 2024-11-21 | 4.4 Medium |
| In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212. | ||||
| CVE-2023-32809 | 2 Google, Mediatek | 35 Android, Mt2713, Mt6779 and 32 more | 2024-11-21 | 4.4 Medium |
| In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849753; Issue ID: ALPS07849753. | ||||
| CVE-2023-32808 | 2 Google, Mediatek | 35 Android, Mt2713, Mt6779 and 32 more | 2024-11-21 | 4.4 Medium |
| In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849751; Issue ID: ALPS07849751. | ||||
| CVE-2023-32807 | 3 Google, Linuxfoundation, Mediatek | 27 Android, Yocto, Iot Yocto and 24 more | 2024-11-21 | 4.4 Medium |
| In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360. | ||||
| CVE-2023-32806 | 4 Google, Linuxfoundation, Mediatek and 1 more | 33 Android, Yocto, Iot Yocto and 30 more | 2024-11-21 | 6.7 Medium |
| In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589. | ||||
| CVE-2023-32805 | 2 Google, Mediatek | 3 Android, Mt8168, Mt8675 | 2024-11-21 | 6.5 Medium |
| In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892. | ||||
| CVE-2023-31014 | 2 Google, Nvidia | 2 Android, Geforce Now | 2024-11-21 | 4.2 Medium |
| NVIDIA GeForce Now for Android contains a vulnerability in the game launcher component, where a malicious application on the same device can process the implicit intent meant for the streamer component. A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution. | ||||
| CVE-2023-30730 | 2 Google, Samsung | 2 Android, Camera | 2024-11-21 | 3.3 Low |
| Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file. | ||||
| CVE-2023-30678 | 2 Google, Samsung | 2 Android, Calendar | 2024-11-21 | 5.1 Medium |
| Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file. | ||||
| CVE-2023-2626 | 1 Google | 10 Nest Hub, Nest Hub Firmware, Nest Hub Max and 7 more | 2024-11-21 | 7.5 High |
| There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packets being allowed on the Thread network. This provides a pathway for an attacker to send/receive arbitrary IPv6 packets to devices on the LAN, potentially exploiting them if they lack additional authentication or contain any network vulnerabilities that would normally be mitigated by the home router’s NAT firewall. Effected devices have been mitigated through an automatic update beyond the affected range. | ||||
| CVE-2023-2458 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | 8.8 High |
| Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: High) | ||||
| CVE-2023-2457 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | 8.8 High |
| Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High) | ||||
| CVE-2023-22663 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 5.9 Medium |
| Improper authentication for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access. | ||||
| CVE-2023-22448 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 5.9 Medium |
| Improper access control for some Intel Unison software may allow a privileged user to potentially enable escalation of privilege via network access. | ||||
| CVE-2023-22337 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 7.5 High |
| Improper input validation for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2023-22292 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 7.3 High |
| Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-22290 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 6.5 Medium |
| Uncaught exception for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access. | ||||
| CVE-2023-22285 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 7.5 High |
| Improper access control for some Intel Unison software may allow an unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2023-21464 | 2 Google, Samsung | 2 Android, Calendar | 2024-11-21 | 4 Medium |
| Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status. | ||||
| CVE-2023-21463 | 2 Google, Samsung | 2 Android, Myfiles | 2024-11-21 | 4 Medium |
| Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions. | ||||