Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-35646
In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Google Android -
9.8
CVSSv3
CVE-2023-35647
In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitat...
Google Android -
9.8
CVSSv3
CVE-2023-35648
In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitat...
Google Android -
9.8
CVSSv3
CVE-2023-35662
there is a possible out of bounds write due to buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Google Android -
9.8
CVSSv3
CVE-2023-5365
HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure.
Hp Life
9.8
CVSSv3
CVE-2023-35681
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Google Android 13.0
9.8
CVSSv3
CVE-2023-42470
The Imou Life com.mm.android.smartlifeiot application up to and including 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView...
Imoulife Life
9.8
CVSSv3
CVE-2023-42471
The wave.ai.browser application up to and including 1.0.35 for Android allows a remote malicious user to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a Web...
Wave-ai Wave
9.8
CVSSv3
CVE-2023-21287
In multiple locations, there is a possible code execution due to type confusion. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Google Android 11.0
Google Android 12.0
Google Android 13.0
Google Android 12.1
9.8
CVSSv3
CVE-2023-20965
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploita...
Google Android 13.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »