CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-205570663
The Brizy WordPress plugin before 2.4.2 does not sanitise and escape some element content, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks
In io_identity_cow of io_uring.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238177383References: Upstream kernel
Product: AndroidVersions: Android kernelAndroid ID: A-204782372References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-210916981References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-184676385References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-216363416References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-205714161References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-207975764References: N/A
Product: AndroidVersions: Android kernelAndroid ID: A-218701042References: N/A