CVE-2023-21209

MEDIUM Year: 2023
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-502
View all →

Vulnerability Description

In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236273

Related Vulnerabilities

CVE-2021-34394

MEDIUM
CVSS:6.7(Medium)

Trusty contains a vulnerability in the NVIDIA OTE protocol that is present in all TAs. An incorrect message stream deserialization allows an attacker to use the malicious CA that is run by the user to...

CWE-5022021

CVE-2021-4178

MEDIUM
CVSS:6.7(Medium)

A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privile...

CWE-5022021

CVE-2025-24794

MEDIUM
CVSS:6.7(Medium)

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vul...

CWE-5022025

CVE-2013-7489

MEDIUM
CVSS:6.8(Medium)

The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.

CWE-5022013

CVE-2023-38177

MEDIUM
CVSS:6.8(Medium)

Microsoft SharePoint Server Remote Code Execution Vulnerability

CWE-5022023

CVE-2024-0140

MEDIUM
CVSS:6.8(Medium)

NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where a user could cause a deserialization of untrusted data issue. A successful exploit of this vulnerability might lead to code execution, da...

CWE-5022024