admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-30T19:00:25.146181+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-30 19:00:28 +00:00
parent 13853b6c96
commit 5d88ad9645
146 changed files with 4384 additions and 209 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
CVE-2004/CVE-2004-10xx/CVE-2004-1027.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2004-1027",
"sourceIdentifier": "cve@mitre.org",
"published": "2005-03-01T05:00:00.000",
"lastModified": "2017-07-11T01:30:40.340",
"vulnStatus": "Modified",
"lastModified": "2023-10-30T17:03:03.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -58,23 +58,23 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arj_software_inc.:unarj:2.62:*:*:*:*:*:*:*",
"matchCriteriaId": "09C72F8C-9CA0-414E-A035-884E795BAAF5"
"criteria": "cpe:2.3:a:arjsoftware:unarj:2.62:*:*:*:*:*:*:*",
"matchCriteriaId": "5C202DC6-6684-4D19-ABF4-8A6B15C382A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arj_software_inc.:unarj:2.63_a:*:*:*:*:*:*:*",
"matchCriteriaId": "00CADC2B-DACE-41AD-9B47-DC42C71130FE"
"criteria": "cpe:2.3:a:arjsoftware:unarj:2.63:a:*:*:*:*:*:*",
"matchCriteriaId": "AACEB57C-196E-4897-A7BC-9AAFFC881A72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arj_software_inc.:unarj:2.64:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE62C88-B823-4369-9DA0-4DA8852681FF"
"criteria": "cpe:2.3:a:arjsoftware:unarj:2.64:*:*:*:*:*:*:*",
"matchCriteriaId": "1DDDC1B4-1E20-4BCD-8129-3102AA4619B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arj_software_inc.:unarj:2.65:*:*:*:*:*:*:*",
"matchCriteriaId": "E46C61B0-FB21-4047-9C36-DE4E96559494"
"criteria": "cpe:2.3:a:arjsoftware:unarj:2.65:*:*:*:*:*:*:*",
"matchCriteriaId": "A05F72E0-F9CF-4E1F-BB8E-5D89EBF05D2E"
}
]
}
@ -94,44 +94,82 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027348.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lwn.net/Articles/121827/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://security.gentoo.org/glsa/glsa-200411-29.xml",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2005/dsa-628",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2005/dsa-652",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2005-007.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/11436",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17684",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"VDB Entry"
]
}
]
}

51
CVE-2020/CVE-2020-222xx/CVE-2020-22217.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2020-22217",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:19.050",
"lastModified": "2023-09-15T09:15:07.617",
"vulnStatus": "Modified",
"lastModified": "2023-10-30T17:47:38.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c."
},
{
"lang": "es",
"value": "Vulnerabilidad de desbordamiento de b\u00fafer en c-ares antes de 1_16_1 a 1_17_0 mediante la funci\u00f3n ares_parse_soa_reply en ares_parse_soa_reply.c."
}
],
"metrics": {
@ -17,20 +21,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
@ -41,7 +45,7 @@
"description": [
{
"lang": "en",
"value": "CWE-787"
"value": "CWE-125"
}
]
}
@ -66,6 +70,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -73,12 +92,18 @@
"url": "https://github.com/c-ares/c-ares/issues/333",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
"Exploit",
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00014.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

20
CVE-2021/CVE-2021-398xx/CVE-2021-39810.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-39810",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.503",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In NFC, there is a possible way to setup a default contactless payment app without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

76
CVE-2022/CVE-2022-03xx/CVE-2022-0353.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-0353",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-10-25T18:16:54.057",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T18:18:25.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -40,8 +60,18 @@
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,14 +80,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:diagnostics:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.45.0",
"matchCriteriaId": "13DF3130-F2B6-4F16-A02A-0F5AD902F880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:hardwarescan_addin:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.1.1",
"matchCriteriaId": "5EB39C52-5BBE-4734-B4A0-000CF11010B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:hardwarescan_plugin:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.1.2",
"matchCriteriaId": "C0FFB47C-DB96-446E-A399-87FDC81F7290"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-102365",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-94532",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2022/CVE-2022-202xx/CVE-2022-20264.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-20264",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.557",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Usage Stats Service, there is a possible way to determine whether an app is installed, without query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

4
CVE-2022/CVE-2022-205xx/CVE-2022-20531.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-20531",
"sourceIdentifier": "security@android.com",
"published": "2022-12-16T16:15:17.947",
"lastModified": "2022-12-28T19:15:09.077",
"lastModified": "2023-10-30T17:15:47.603",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"value": "** REJECT ** In Telecom, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},

70
CVE-2022/CVE-2022-36xx/CVE-2022-3698.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3698",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-10-25T18:17:15.730",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T18:11:34.410",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -40,8 +60,18 @@
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,14 +80,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:diagnostics:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.45.0",
"matchCriteriaId": "13DF3130-F2B6-4F16-A02A-0F5AD902F880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:hardwarescan_plugin:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.1.2",
"matchCriteriaId": "C0FFB47C-DB96-446E-A399-87FDC81F7290"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-102365",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-94532",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2022/CVE-2022-36xx/CVE-2022-3699.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3699",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-10-25T18:17:15.807",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T18:11:51.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -50,14 +70,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:diagnostics:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.45.0",
"matchCriteriaId": "13DF3130-F2B6-4F16-A02A-0F5AD902F880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:hardwarescan_addin:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.1.1",
"matchCriteriaId": "5EB39C52-5BBE-4734-B4A0-000CF11010B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:hardwarescan_plugin:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.1.2",
"matchCriteriaId": "C0FFB47C-DB96-446E-A399-87FDC81F7290"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-102365",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-94532",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2022/CVE-2022-384xx/CVE-2022-38484.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-38484",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:14.550",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T18:20:44.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Existe una vulnerabilidad de carga de archivos arbitrarios y directory traversal en la funcionalidad de carga de archivos del men\u00fa Configuraci\u00f3n del sistema en AgeVolt Portal antes de la versi\u00f3n 0.1. Un atacante autenticado remotamente podr\u00eda aprovechar esta vulnerabilidad para cargar archivos en cualquier ubicaci\u00f3n del sistema operativo de destino con privilegios de servidor web."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:agevolt:agevolt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.1",
"matchCriteriaId": "BF5D8B0B-E50B-443C-B9D3-3F9917A97296"
}
]
}
]
}
],
"references": [
{
"url": "https://citadelo.com/download/CVE-2022-38484.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

65
CVE-2022/CVE-2022-384xx/CVE-2022-38485.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-38485",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:14.600",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T18:22:31.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "Existe una vulnerabilidad de directory traversal en el AgeVolt Portal anterior a la versi\u00f3n 0.1 que conduce a la divulgaci\u00f3n de informaci\u00f3n. Un atacante autenticado remoto podr\u00eda aprovechar esta vulnerabilidad para leer archivos desde cualquier ubicaci\u00f3n en el sistema operativo de destino con privilegios de servidor web."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:agevolt:agevolt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.1",
"matchCriteriaId": "BF5D8B0B-E50B-443C-B9D3-3F9917A97296"
}
]
}
]
}
],
"references": [
{
"url": "https://citadelo.com/download/CVE-2022-38485.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

14
CVE-2022/CVE-2022-417xx/CVE-2022-41775.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41775",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-11-17T23:15:22.497",
"lastModified": "2023-10-27T00:15:08.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T17:02:02.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -59,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",

14
CVE-2022/CVE-2022-434xx/CVE-2022-43447.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43447",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-11-17T23:15:24.017",
"lastModified": "2023-10-27T00:15:08.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T17:00:35.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -59,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",

14
CVE-2023/CVE-2023-00xx/CVE-2023-0052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0052",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-01-20T22:15:10.417",
"lastModified": "2023-10-27T00:15:09.050",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T17:01:10.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -55,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",

10
CVE-2023/CVE-2023-16xx/CVE-2023-1642.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1642",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-03-26T22:15:07.017",
"lastModified": "2023-10-21T14:15:08.920",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T18:24:11.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -131,7 +131,11 @@
},
{
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1642",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.224022",

20
CVE-2023/CVE-2023-212xx/CVE-2023-21293.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21293",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.670",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In PackageManagerNative, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-212xx/CVE-2023-21294.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21294",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.717",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Slice, there is a possible disclosure of installed packages due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-212xx/CVE-2023-21295.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21295",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.760",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In SliceManagerService, there is a possible way to check if a content provider is installed due to a missing null check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-212xx/CVE-2023-21296.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21296",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.803",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Permission, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-212xx/CVE-2023-21297.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21297",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.843",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-212xx/CVE-2023-21298.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21298",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.887",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Slice, there is a possible disclosure of installed applications due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-212xx/CVE-2023-21299.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21299",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.930",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21300.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21300",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:47.973",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21301.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21301",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.020",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In ActivityManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21302.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21302",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.060",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21303.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21303",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.107",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Content, here is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21304.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21304",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.153",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Content Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21305.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21305",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.197",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21306.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21306",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.233",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In ContentService, there is a possible way to read installed sync content providers due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21307.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21307",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.277",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible way for a paired Bluetooth device to access a long term identifier for an Android device due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21308.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21308",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.323",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Composer, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21309.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21309",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.367",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In libcore, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21310.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21310",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.407",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21311.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21311",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.453",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Settings, there is a possible way to control private DNS settings from a secondary user due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21312.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21312",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.497",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In IntentResolver, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21313.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21313",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.537",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Core, there is a possible way to forward calls without user knowledge due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21314.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21314",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.583",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21315.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21315",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.623",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21316.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21316",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.670",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21317.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21317",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.713",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In ContentService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21318.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21318",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.757",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Content, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21319.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21319",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.800",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In UsageStatsService, there is a possible way to read installed 3rd party apps due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21320.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21320",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.840",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Device Policy, there is a possible way to verify if a particular admin app is registered on the device due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21321.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21321",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.890",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Package Manager, there is a possible cross-user settings disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21323.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21323",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.937",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Activity Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21324.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21324",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:48.983",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Package Installer, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21325.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21325",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.027",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Settings, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21326.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21326",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.070",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21327.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21327",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.113",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Permission Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21328.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21328",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.157",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Package Installer, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21329.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21329",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.197",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Activity Manager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21330.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21330",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.240",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Overlay Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21331.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21331",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.277",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In InputMethod, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21332.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21332",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.320",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Text Services, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21333.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21333",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.367",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Text Services, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21334.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21334",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.407",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In App Ops Service, there is a possible disclosure of information about installed packages due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21335.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21335",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.457",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Settings, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21336.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21336",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.497",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21337.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21337",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.543",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In InputMethod, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21338.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21338",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.667",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Input Method, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21339.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21339",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.783",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21340.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21340",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.873",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Telecomm, there is a possible way to get the call state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21341.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21341",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:49.927",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Permission Manager, there is a possible way to bypass required permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21342.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21342",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:50.147",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Speech, there is a possible way to bypass background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21343.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21343",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:50.437",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21344.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21344",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:50.583",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Job Scheduler, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21345.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21345",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:50.640",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Game Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21346.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21346",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:50.980",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Device Idle Controller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21347.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21347",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.090",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21348.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21348",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.143",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Window Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21349.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21349",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.197",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Package Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21350.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21350",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.250",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21351.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21351",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.303",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Activity Manager, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21352.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21352",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.353",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21353.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21353",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.410",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21354.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21354",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.460",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21355.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21355",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.510",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In libaudioclient, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21356.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21356",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.557",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21357.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21357",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.607",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21358.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21358",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.653",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In UWB Google, there is a possible way for a malicious app to masquerade as system app com.android.uwb.resources due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21359.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21359",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.697",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21360.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21360",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.753",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21361.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21361",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.800",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21362.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21362",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.837",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Usage, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21364.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21364",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.883",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In ContactsProvider, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21365.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21365",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.927",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Contacts, there is a possible crash loop due to resource exhaustion. This could lead to local denial of service in the Phone app with User execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21366.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21366",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:51.973",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Scudo, there is a possible way for an attacker to predict heap allocation patterns due to insecure implementation/design. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21367.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21367",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:52.023",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Scudo, there is a possible way to exploit certain heap OOB read/write issues due to an insecure implementation/design. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21368.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21368",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:52.070",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Audio, there is a possible out of bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21369.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21369",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:52.117",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Usage Access, there is a possible way to display a Settings usage access restriction toggle screen due to a permissions bypass. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21370.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21370",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:52.157",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21371.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21371",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T17:15:52.203",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Secure Element, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21372.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21372",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T18:15:08.923",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In libdexfile, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21373.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21373",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T18:15:08.973",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Telephony, there is a possible way for a guest user to change the preferred SIM due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21374.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21374",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T18:15:09.017",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21375.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21375",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T18:15:09.053",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Sysproxy, there is a possible out of bounds write due to an integer underflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21376.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21376",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T18:15:09.100",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Telephony, there is a possible way to retrieve the ICCID due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21377.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21377",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T18:15:09.137",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In SELinux Policy, there is a possible restriction bypass due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21378.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21378",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T18:15:09.180",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Telecomm, there is a possible way to silence the ring for calls of secondary users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21379.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21379",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T18:15:09.223",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

20
CVE-2023/CVE-2023-213xx/CVE-2023-21380.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-21380",
"sourceIdentifier": "security@android.com",
"published": "2023-10-30T18:15:09.267",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Bluetooth, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/docs/security/bulletin/android-14",
"source": "security@android.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More