Google Android 12.0L
Approved changes feed: RSS · Atom
cpe:2.3:o:google:android:12.0l:*:*:*:*:*:*:*
part: o version: 12.0l update: *
| Vendor | Google (f181d1eb-7269-5bae-b76e-e66ceb214562) |
|---|---|
| Product | Android (e58fd905-14d0-5c08-b14d-4d3138d61b03) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/aosp-mirror |
purl2cpe | 2026-06-01 10:16:38.571107 |
pkg:googlesource/android |
purl2cpe | 2026-06-01 10:16:38.571108 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-34740 |
vulnerable | 2026-06-03 14:55:55.199767 |
Details available
In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-08-15T21:56:33.151Z
Updated: 2024-08-16T14:07:11.752Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-31325 |
vulnerable | 2026-06-03 14:55:39.455280 |
Details available
In multiple locations, there is a possible way to reveal images across users data due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-07-09T20:09:16.399Z
Updated: 2024-08-02T01:52:56.246Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-31313 |
vulnerable | 2026-06-03 14:55:39.437961 |
Details available
In availableToWriteBytes of MessageQueueBase.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-07-09T20:09:15.601Z
Updated: 2024-08-02T01:52:56.323Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-31310 |
vulnerable | 2026-06-03 14:55:39.431968 |
Details available
In newServiceInfoLocked of AutofillManagerServiceImpl.java, there is a possible way to hide an enabled Autofill service app in the Autofill service settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Published: 2024-07-09T20:09:15.312Z
Updated: 2025-03-27T15:47:47.460Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23713 |
vulnerable | 2026-06-03 14:55:04.402898 |
Details available
In migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-05-07T21:01:29.338Z
Updated: 2024-08-01T23:13:07.259Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23712 |
vulnerable | 2026-06-03 14:55:04.402417 |
Details available
In multiple functions of AppOpsService.java, there is a possible way to saturate the content of /data/system/appops_accesses.xml due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-05-07T21:01:29.249Z
Updated: 2025-03-17T17:50:47.973Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-23709 |
vulnerable | 2026-06-03 14:55:04.400721 |
Details available
In multiple locations, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Published: 2024-05-07T21:03:31.178Z
Updated: 2024-10-25T19:10:30.195Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0050 |
not_vulnerable | 2026-06-03 14:54:00.746956 |
Details available
In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-03-11T16:35:22.297Z
Updated: 2024-08-14T20:09:30.390Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0036 |
vulnerable | 2026-06-03 14:54:00.737787 |
Details available
In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-02-16T00:08:17.660Z
Updated: 2024-08-21T20:12:35.267Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0035 |
vulnerable | 2026-06-03 14:54:00.737093 |
Details available
In onNullBinding of TileLifecycleManager.java, there is a possible way to launch an activity from the background due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-02-16T00:08:17.297Z
Updated: 2024-08-28T14:27:48.699Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0023 |
vulnerable | 2026-06-03 14:54:00.725705 |
Details available
In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-02-16T19:36:25.339Z
Updated: 2024-08-21T20:09:56.603Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40140 |
vulnerable | 2026-06-03 14:52:42.537567 |
Details available
In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2023-10-27T20:22:59.679Z
Updated: 2024-09-09T19:38:12.376Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40130 |
vulnerable | 2026-06-03 14:52:42.533782 |
Details available
In notifyTimeout of CallRedirectionProcessor, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege and background activity launch with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2023-10-27T20:22:57.878Z
Updated: 2025-12-17T15:57:10.217Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40107 |
vulnerable | 2026-06-03 14:52:42.524659 |
Details available
In ARTPWriter of ARTPWriter.cpp, there is a possible use after free due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-02-15T22:31:15.170Z
Updated: 2024-08-21T20:15:47.531Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40106 |
vulnerable | 2026-06-03 14:52:42.524028 |
Details available
In sanitizeSbn of NotificationManagerService.java, there is a possible way to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Published: 2024-02-15T22:31:15.055Z
Updated: 2024-08-27T18:22:07.493Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.