CVE-2023-21246

LOW Year: 2023
CVSS v3 Score
3.3
Low
Weakness Type
CWE-754
View all →

Vulnerability Description

In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2021-46934

LOW
CVSS:3.3(Low)

In the Linux kernel, the following vulnerability has been resolved: i2c: validate user data in compat ioctl Wrong user data may cause warning in i2c_transfer(), ex: zero msgs. Userspace should not be ...

CWE-7542021

CVE-2023-38069

LOW
CVSS:3.3(Low)

In JetBrains IntelliJ IDEA before 2023.1.4 license dialog could be suppressed in certain cases

CWE-7542023

CVE-2024-12533

LOW
CVSS:3.3(Low)

Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore Technology 4 allows Input Data Manipulation.This issue affects SecureCore Technology 4: from 4.0.1.0 before 4.0...

CWE-7542024

CVE-2025-0503

LOW
CVSS:3.1(Low)

Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer user IDs and other metadata from deleted DMs if someone had manually ma...

CWE-7542025

CVE-2025-22445

LOW
CVSS:3.5(Low)

Mattermost versions 10.x <= 10.2 fail to accurately reflect missing settings, which allows confusion for admins regarding a Calls security-sensitive configuration via incorrect UI reporting.

CWE-7542025

CVE-2025-22848

MEDIUM
CVSS:3.5(Low)

Improper conditions check for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access.

CWE-7542025