Google : Security Vulnerabilities, CVEs, (Information Leak) CVSS score >= 7
In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146.
Max CVSS
9.8
EPSS Score
0.09%
Published
2024-02-05
Updated
2024-02-09
In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-12-08
Updated
2024-03-12
In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-12-08
Updated
2024-03-12
In sms_DecodeCodedTpMsg of sms_PduCodec.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure if the attacker is able to observe the behavior of the subsequent switch conditional with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-12-08
Updated
2024-03-12
In ProtocolNetAcBarringInfo::ProtocolNetAcBarringInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.06%
Published
2023-12-08
Updated
2024-03-12
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-12-04
Updated
2023-12-07
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-12-04
Updated
2023-12-07
In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-10-08
Updated
2023-10-11
In DMPixelLogger_ProcessDmCommand of DMPixelLogger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-07-13
Updated
2023-07-20
In Init of protocolnetadapter.cpp, there is a possible out of bounds read
due to a missing bounds check. This could lead to remote information
disclosure with no additional execution privileges needed. User interaction
is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.08%
Published
2023-10-18
Updated
2023-10-25
In ProfSixDecomTcpSACKoption of RohcPacketCommon.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-10-11
Updated
2023-10-18
In multiple functions of protocolembmsadapter.cpp, there is a possible out
of bounds read due to a missing bounds check. This could lead to remote
information disclosure with no additional execution privileges needed. User
interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.08%
Published
2023-10-18
Updated
2023-10-25
In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.06%
Published
2023-10-11
Updated
2023-10-13
In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.
Max CVSS
9.8
EPSS Score
0.07%
Published
2023-10-11
Updated
2023-10-14
In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.
Max CVSS
9.8
EPSS Score
0.07%
Published
2023-10-11
Updated
2023-10-14
In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
Max CVSS
7.5
EPSS Score
0.07%
Published
2023-09-04
Updated
2023-09-08
In NIA0 algorithm in Security Mode Command, there is a possible missing verification incorrect input. This could lead to remote information disclosure no additional execution privileges needed
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-09-04
Updated
2023-09-08
In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-10-30
Updated
2023-11-04
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-10-30
Updated
2023-11-03
In InputMethod, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-30
Updated
2023-11-07
In Package Installer, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-30
Updated
2023-11-06
In Slice, there is a possible disclosure of installed applications due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-30
Updated
2023-11-06
In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.09%
Published
2023-08-14
Updated
2023-08-24
In multiple locations of avrc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.07%
Published
2023-08-14
Updated
2023-08-18
In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
7.5
EPSS Score
0.07%
Published
2023-12-04
Updated
2023-12-22