References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…

References to Advisories, Solutions, and Tools By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information…

CVE-2023-21244 Detail Undergoing Analysis This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary. Description In visitUris of…

CVE-2023-21252 Detail Description In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local…

Added CPE Configuration OR *cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* *cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* *cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:* *cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Added CWE NIST CWE-400 Changed Reference Type https://android.googlesource.com/platform/frameworks/base/+/84df68840b6f2407146e722ebd95a7d8bc6e3529 No Types Assigned https://android.googlesource.com/platform/frameworks/base/+/84df68840b6f2407146e722ebd95a7d8bc6e3529 Mailing List, Patch Changed Reference…

CVE-2023-21266 Detail Description In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege…

CVE-2023-21291 Detail Description In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local…

CVE-2023-23365 Detail Description A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and…

CVE-2023-23366 Detail Description A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and…

CVE-2023-23370 Detail Description An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user…