Vulnerabilities (CVE)

Filtered by CWE-787
Total 14129 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-20945 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-246932269
CVE-2023-20941 1 Google 1 Android 2026-06-17 N/A 6.6 MEDIUM
In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264029575References: Upstream kernel
CVE-2023-20936 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In bta_av_rc_disc_done of bta_av_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-226927612
CVE-2023-20931 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In avdt_scb_hdl_write_req of avdt_scb_act.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242535997
CVE-2023-20905 1 Google 1 Android 2026-06-17 N/A 7.8 HIGH
In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-241387741
CVE-2023-20895 1 Vmware 1 Vcenter Server 2026-06-17 N/A 8.1 HIGH
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.
CVE-2023-20894 1 Vmware 1 Vcenter Server 2026-06-17 N/A 8.1 HIGH
The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption.
CVE-2023-20892 1 Vmware 1 Vcenter Server 2026-06-17 N/A 8.1 HIGH
The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server.
CVE-2023-20872 2 Apple, Vmware 3 Mac Os X, Fusion, Workstation 2026-06-17 N/A 8.8 HIGH
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
CVE-2023-20869 1 Vmware 2 Fusion, Workstation 2026-06-17 N/A 8.2 HIGH
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
CVE-2023-20850 4 Google, Linux, Linuxfoundation and 1 more 12 Android, Linux Kernel, Yocto and 9 more 2026-06-17 N/A 6.5 MEDIUM
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.
CVE-2023-20842 4 Google, Linux, Linuxfoundation and 1 more 12 Android, Linux Kernel, Yocto and 9 more 2026-06-17 N/A 6.5 MEDIUM
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477.
CVE-2023-20841 4 Google, Linux, Linuxfoundation and 1 more 12 Android, Linux Kernel, Yocto and 9 more 2026-06-17 N/A 6.5 MEDIUM
In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441.
CVE-2023-20840 4 Google, Linux, Linuxfoundation and 1 more 10 Android, Linux Kernel, Yocto and 7 more 2026-06-17 N/A 6.5 MEDIUM
In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430.
CVE-2023-20837 2 Google, Mediatek 18 Android, Mt6779, Mt6781 and 15 more 2026-06-17 N/A 6.7 MEDIUM
In seninf, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07992786; Issue ID: ALPS07992786.
CVE-2023-20832 5 Google, Linuxfoundation, Mediatek and 2 more 40 Android, Yocto, Mt2735 and 37 more 2026-06-17 N/A 6.7 MEDIUM
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530.
CVE-2023-20831 5 Google, Linuxfoundation, Mediatek and 2 more 39 Android, Yocto, Mt2735 and 36 more 2026-06-17 N/A 6.7 MEDIUM
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014162.
CVE-2023-20830 5 Google, Linuxfoundation, Mediatek and 2 more 42 Android, Yocto, Mt2713 and 39 more 2026-06-17 N/A 6.7 MEDIUM
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156.
CVE-2023-20829 5 Google, Linuxfoundation, Mediatek and 2 more 39 Android, Yocto, Mt2735 and 36 more 2026-06-17 N/A 6.7 MEDIUM
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148.
CVE-2023-20828 5 Google, Linuxfoundation, Mediatek and 2 more 39 Android, Yocto, Mt2735 and 36 more 2026-06-17 N/A 6.7 MEDIUM
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014144.