Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Android
(Google)| Repositories | https://github.com/torvalds/linux |
| #Vulnerabilities | 6922 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-10-08 | CVE-2023-40648 | In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | Android | 5.5 | ||
| 2023-10-08 | CVE-2023-40649 | In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | Android | 5.5 | ||
| 2023-10-08 | CVE-2023-40650 | In Telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed | Android | 5.5 | ||
| 2023-10-08 | CVE-2023-40651 | In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | Android | 4.4 | ||
| 2023-10-08 | CVE-2023-40652 | In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed | Android | 4.4 | ||
| 2016-10-10 | CVE-2015-8955 | arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs. | Android, Linux_kernel | 7.3 | ||
| 2023-09-27 | CVE-2023-44216 | PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin. | Ryzen_5_7600x, Ryzen_7_4800u, M1_mac_mini, Macos, Ubuntu_linux, Android, Pixel_6, Core_i7\-10510u, Core_i7\-10610u, Core_i7\-11800h, Core_i7\-12700k, Core_i7\-8700, Windows_10, Windows_11, Geforce_rtx_2080_super, Geforce_rtx_3060 | 5.3 | ||
| 2023-10-02 | CVE-2023-32819 | In display, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS08014138. | Android | 4.4 | ||
| 2023-10-02 | CVE-2023-32821 | In video, there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08013430; Issue ID: ALPS08013433. | Android | 6.7 | ||
| 2023-09-27 | CVE-2023-44121 | The vulnerability is an intent redirection in LG ThinQ Service ("com.lge.lms2") in the "com/lge/lms/things/ui/notification/NotificationManager.java" file. This vulnerability could be exploited by a third-party app installed on an LG device by sending a broadcast with the action "com.lge.lms.things.notification.ACTION". Additionally, this vulnerability is very dangerous because LG ThinQ Service is a system app (having android:sharedUserId="android.uid.system" setting). Intent redirection in... | Android | 6.3 |