Google Android vulnerabilities
9,646 known vulnerabilities affecting google/android.
Total CVEs
9,646
CISA KEV
48
actively exploited
Public exploits
89
Exploited in wild
44
Severity breakdown
CRITICAL883HIGH5184MEDIUM3317LOW260UNKNOWN2
Vulnerabilities
Page 101 of 483
CVE-2023-35655MEDIUMCVSS 6.7vAndroid kernel2023-10-11
CVE-2023-35655 [MEDIUM] CWE-125 CVE-2023-35655: In CanConvertPadV2Op of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds read due t
In CanConvertPadV2Op of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2023-35654MEDIUMCVSS 6.7vAndroid kernel2023-10-11
CVE-2023-35654 [MEDIUM] CWE-125 CVE-2023-35654: In ctrl_roi of stmvl53l1_module.c, there is a possible out of bounds read due to an incorrect bounds
In ctrl_roi of stmvl53l1_module.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2023-35653MEDIUMCVSS 4.4vAndroid kernel2023-10-11
CVE-2023-35653 [MEDIUM] CWE-863 CVE-2023-35653: In TBD of TBD, there is a possible way to access location information due to a permissions bypass. T
In TBD of TBD, there is a possible way to access location information due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2023-35645MEDIUMCVSS 6.4vAndroid kernel2023-10-11
CVE-2023-35645 [MEDIUM] CWE-362 CVE-2023-35645: In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to loc
In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
nvd
CVE-2023-40634HIGHCVSS 7.8v11.0v12.0+1 more2023-10-08
CVE-2023-40634 [HIGH] CWE-862 CVE-2023-40634: In phasechecksercer, there is a possible missing permission check. This could lead to local escalati
In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-40632HIGHCVSS 7.5v13.02023-10-08
CVE-2023-40632 [HIGH] CWE-416 CVE-2023-40632: In jpg driver, there is a possible use after free due to a logic error. This could lead to remote in
In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed
nvd
CVE-2023-40635HIGHCVSS 7.8v11.02023-10-08
CVE-2023-40635 [HIGH] CWE-862 CVE-2023-40635: In linkturbo, there is a possible missing permission check. This could lead to local escalation of p
In linkturbo, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-40642MEDIUMCVSS 5.5v11.0v12.02023-10-08
CVE-2023-40642 [MEDIUM] CWE-862 CVE-2023-40642: In Messaging, there is a possible missing permission check. This could lead to local information dis
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
nvd
CVE-2023-40652MEDIUMCVSS 4.4v11.02023-10-08
CVE-2023-40652 [MEDIUM] CWE-787 CVE-2023-40652: In jpg driver, there is a possible out of bounds write due to improper input validation. This could
In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed
nvd
CVE-2023-40637MEDIUMCVSS 5.5v10.0v11.0+1 more2023-10-08
CVE-2023-40637 [MEDIUM] CWE-862 CVE-2023-40637: In telecom service, there is a possible missing permission check. This could lead to local informati
In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges
nvd
CVE-2023-40631MEDIUMCVSS 4.4v10.0v11.0+1 more2023-10-08
CVE-2023-40631 [MEDIUM] CWE-862 CVE-2023-40631: In Dialer, there is a possible missing permission check. This could lead to local information disclo
In Dialer, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed
nvd
CVE-2023-40647MEDIUMCVSS 5.5v11.0v12.02023-10-08
CVE-2023-40647 [MEDIUM] CWE-862 CVE-2023-40647: In Messaging, there is a possible missing permission check. This could lead to local information dis
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
nvd
CVE-2023-40644MEDIUMCVSS 5.5v11.0v12.02023-10-08
CVE-2023-40644 [MEDIUM] CWE-862 CVE-2023-40644: In Messaging, there is a possible missing permission check. This could lead to local information dis
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
nvd
CVE-2023-40653MEDIUMCVSS 6.7v11.02023-10-08
CVE-2023-40653 [MEDIUM] CWE-862 CVE-2023-40653: In FW-PackageManager, there is a possible missing permission check. This could lead to local escalat
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed
nvd
CVE-2023-40641MEDIUMCVSS 5.5v11.0v12.02023-10-08
CVE-2023-40641 [MEDIUM] CWE-862 CVE-2023-40641: In Messaging, there is a possible missing permission check. This could lead to local information dis
In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
nvd
CVE-2023-40638MEDIUMCVSS 4.4v11.02023-10-08
CVE-2023-40638 [MEDIUM] CWE-862 CVE-2023-40638: In Telecom service, there is a possible missing permission check. This could lead to local denial of
In Telecom service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed
nvdandroid
CVE-2023-40633MEDIUMCVSS 5.5v11.0v12.0+1 more2023-10-08
CVE-2023-40633 [MEDIUM] CWE-862 CVE-2023-40633: In phasecheckserver, there is a possible missing permission check. This could lead to local informat
In phasecheckserver, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed
nvd
CVE-2023-40654MEDIUMCVSS 6.7v11.02023-10-08
CVE-2023-40654 [MEDIUM] CWE-862 CVE-2023-40654: In FW-PackageManager, there is a possible missing permission check. This could lead to local escalat
In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed
nvd
CVE-2023-40651MEDIUMCVSS 4.4v11.0v12.0+1 more2023-10-08
CVE-2023-40651 [MEDIUM] CWE-787 CVE-2023-40651: In urild service, there is a possible out of bounds write due to a missing bounds check. This could
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
nvd
CVE-2023-40636MEDIUMCVSS 4.4v11.02023-10-08
CVE-2023-40636 [MEDIUM] CWE-862 CVE-2023-40636: In telecom service, there is a possible way to write permission usage records of an app due to a mis
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with System execution privileges needed
nvd