CVE-2023-21110

HIGH Year: 2023
CVSS v3 Score
7.8
High
Weakness Type
CWE-400
View all →

Vulnerability Description

In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258422365

Related Vulnerabilities

CVE-2017-13825

HIGH
CVSS:7.8(High)

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to execute arbitrary code or cause a denial...

CWE-4002017

CVE-2017-14177

HIGH
CVSS:7.8(High)

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via ...

CWE-4002017

CVE-2017-14179

HIGH
CVSS:7.8(High)

Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of servic...

CWE-4002017

CVE-2017-14180

HIGH
CVSS:7.8(High)

Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial o...

CWE-4002017

CVE-2017-7132

HIGH
CVSS:7.8(High)

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote attackers to execute arbitrary code or cause a deni...

CWE-4002017

CVE-2017-8247

HIGH
CVSS:7.8(High)

In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened more than once. This would le...

CWE-4002017