Vulnerabilities (CVE)

Filtered by CWE-787
Total 14080 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-20985 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In BTA_GATTS_HandleValueIndication of bta_gatts_api.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245915315
CVE-2023-20967 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In avdt_scb_hdl_pkt_no_frag of avdt_scb_act.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-225879503
CVE-2023-20966 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242299736
CVE-2023-20956 1 Google 1 Android 2026-06-17 N/A 4.4 MEDIUM
In Import of C2SurfaceSyncObj.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-240140929
CVE-2023-20954 1 Google 1 Android 2026-06-17 N/A 9.8 CRITICAL
In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261867748
CVE-2023-20952 1 Google 1 Android 2026-06-17 N/A 5.5 MEDIUM
In A2DP_BuildCodecHeaderSbc of a2dp_sbc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-186803518
CVE-2023-20951 1 Google 1 Android 2026-06-17 N/A 9.8 CRITICAL
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258652631
CVE-2023-20949 1 Google 1 Android 2026-06-17 N/A 5.5 MEDIUM
In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323133References: N/A
CVE-2023-20945 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-246932269
CVE-2023-20941 1 Google 1 Android 2026-06-17 N/A 6.6 MEDIUM
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264029575References: Upstream kernel
CVE-2023-20936 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In bta_av_rc_disc_done of bta_av_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-226927612
CVE-2023-20931 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In avdt_scb_hdl_write_req of avdt_scb_act.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242535997
CVE-2023-20905 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-241387741
CVE-2023-20895 1 Vmware 1 Vcenter Server 2026-06-17 N/A 8.1 HIGH
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.
CVE-2023-20894 1 Vmware 1 Vcenter Server 2026-06-17 N/A 8.1 HIGH
The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption.
CVE-2023-20892 1 Vmware 1 Vcenter Server 2026-06-17 N/A 8.1 HIGH
The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server.
CVE-2023-20872 2 Apple, Vmware 3 Mac Os X, Fusion, Workstation 2026-06-17 N/A 8.8 HIGH
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
CVE-2023-20869 1 Vmware 2 Fusion, Workstation 2026-06-17 N/A 8.2 HIGH
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
CVE-2023-20850 4 Google, Linux, Linuxfoundation and 1 more 12 Android, Linux Kernel, Yocto and 9 more 2026-06-17 N/A 6.5 MEDIUM
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.
CVE-2023-20842 4 Google, Linux, Linuxfoundation and 1 more 12 Android, Linux Kernel, Yocto and 9 more 2026-06-17 N/A 6.5 MEDIUM
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477.