Google Android vulnerabilities
9,646 known vulnerabilities affecting google/android.
Total CVEs
9,646
CISA KEV
48
actively exploited
Public exploits
89
Exploited in wild
44
Severity breakdown
CRITICAL883HIGH5184MEDIUM3317LOW260UNKNOWN2
Vulnerabilities
Page 84 of 483
CVE-2023-42738HIGHCVSS 7.8v11.0v12.0+1 more2023-12-04
CVE-2023-42738 [HIGH] CWE-862 CVE-2023-42738: In telocom service, there is a possible missing permission check. This could lead to local escalatio
In telocom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-42685HIGHCVSS 7.8v10.02023-12-04
CVE-2023-42685 [HIGH] CWE-862 CVE-2023-42685: In wifi service, there is a possible missing permission check. This could lead to local escalation o
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-42696HIGHCVSS 7.8v11.0v12.0+1 more2023-12-04
CVE-2023-42696 [HIGH] CWE-862 CVE-2023-42696: In telecom service, there is a possible missing permission check. This could lead to local escalatio
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-42717HIGHCVSS 7.5v11.0v12.02023-12-04
CVE-2023-42717 [HIGH] CWE-668 CVE-2023-42717: In telephony service, there is a possible missing permission check. This could lead to remote inform
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
nvd
CVE-2023-40084HIGHCVSS 7.8v11.0v12.0+8 more2023-12-04
CVE-2023-40084 [HIGH] CWE-416 CVE-2023-40084: In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This co
In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvdandroid
CVE-2023-42694HIGHCVSS 7.8v10.02023-12-04
CVE-2023-42694 [HIGH] CWE-862 CVE-2023-42694: In wifi service, there is a possible missing permission check. This could lead to local escalation o
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-40103HIGHCVSS 7.8v14.0v142023-12-04
CVE-2023-40103 [HIGH] CWE-415 CVE-2023-40103: In multiple locations, there is a possible way to corrupt memory due to a double free. This could le
In multiple locations, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvdandroid
CVE-2023-42687HIGHCVSS 7.8v10.02023-12-04
CVE-2023-42687 [HIGH] CWE-862 CVE-2023-42687: In wifi service, there is a possible missing permission check. This could lead to local escalation o
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-42688HIGHCVSS 7.8v10.02023-12-04
CVE-2023-42688 [HIGH] CWE-862 CVE-2023-42688: In wifi service, there is a possible missing permission check. This could lead to local escalation o
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-42716HIGHCVSS 7.5v11.0v12.02023-12-04
CVE-2023-42716 [HIGH] CWE-668 CVE-2023-42716: In telephony service, there is a possible missing permission check. This could lead to remote inform
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
nvd
CVE-2023-42690HIGHCVSS 7.8v10.02023-12-04
CVE-2023-42690 [HIGH] CWE-862 CVE-2023-42690: In wifi service, there is a possible missing permission check. This could lead to local escalation o
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-42743HIGHCVSS 7.8v11.0v12.0+1 more2023-12-04
CVE-2023-42743 [HIGH] CWE-862 CVE-2023-42743: In telecom service, there is a possible missing permission check. This could lead to local escalatio
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-40096HIGHCVSS 7.8v11.0v12.0+8 more2023-12-04
CVE-2023-40096 [HIGH] CVE-2023-40096: In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audi
In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
nvdandroid
CVE-2023-40077HIGHCVSS 8.1v11.0v12.0+8 more2023-12-04
CVE-2023-40077 [HIGH] CWE-362 CVE-2023-40077: In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. Th
In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
nvdandroid
CVE-2023-42739HIGHCVSS 7.8v11.0v12.0+1 more2023-12-04
CVE-2023-42739 [HIGH] CWE-862 CVE-2023-42739: In engineermode service, there is a possible way to write permission usage records of an app due to
In engineermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-42747HIGHCVSS 7.8v11.0v12.0+1 more2023-12-04
CVE-2023-42747 [HIGH] CWE-862 CVE-2023-42747: In camera service, there is a possible missing permission check. This could lead to local escalation
In camera service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-42695HIGHCVSS 7.8v10.02023-12-04
CVE-2023-42695 [HIGH] CWE-862 CVE-2023-42695: In wifi service, there is a possible missing permission check. This could lead to local escalation o
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-42693HIGHCVSS 7.8v10.02023-12-04
CVE-2023-42693 [HIGH] CWE-862 CVE-2023-42693: In wifi service, there is a possible missing permission check. This could lead to local escalation o
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
nvd
CVE-2023-40092MEDIUMCVSS 5.5v11.0v12.0+8 more2023-12-04
CVE-2023-40092 [MEDIUM] CVE-2023-40092: In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's
In verifyShortcutInfoPackage of ShortcutService.java, there is a possible way to see another user's image due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
nvdandroid
CVE-2022-48464MEDIUMCVSS 5.5v10.02023-12-04
CVE-2022-48464 [MEDIUM] CWE-787 CVE-2022-48464: In wifi service, there is a possible out of bounds write due to a missing bounds check. This could l
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
nvd