Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-31319 (GCVE-0-2024-31319)
Vulnerability from cvelistv5 – Published: 2024-07-09 20:09 – Updated: 2024-08-02 01:52
VLAI
EPSS
Summary
In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
8.4 (High)
CWE
- Elevation of privilege
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:12l:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "android",
"vendor": "google",
"versions": [
{
"status": "affected",
"version": "12.0"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13.0"
},
{
"status": "affected",
"version": "14.0"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-31319",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T15:11:59.859408Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-441",
"description": "CWE-441 Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T16:36:46.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:52:56.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e"
},
{
"tags": [
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2024-06-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T20:09:16.083Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e"
},
{
"url": "https://source.android.com/security/bulletin/2024-06-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2024-31319",
"datePublished": "2024-07-09T20:09:16.083Z",
"dateReserved": "2024-03-29T20:11:33.059Z",
"dateUpdated": "2024-08-02T01:52:56.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-31319",
"date": "2026-05-29",
"epss": "0.00045",
"percentile": "0.1419"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-31319\",\"sourceIdentifier\":\"security@android.com\",\"published\":\"2024-07-09T21:15:13.313\",\"lastModified\":\"2024-12-17T17:13:47.993\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\"},{\"lang\":\"es\",\"value\":\"En updateNotificationChannelFromPrivilegedListener de NotificationManagerService.java, existe una posible fuga de datos entre usuarios debido a un diputado confundido. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-610\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-441\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8FB8EE9-FC56-4D5E-AE55-A5967634740C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C64C1583-CDE0-4C1F-BDE6-05643C1BDD72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"879FFD0C-9B38-4CAA-B057-1086D794D469\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2700BCC5-634D-4EC6-AB67-5B678D5F951D\"}]}]}],\"references\":[{\"url\":\"https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e\",\"source\":\"security@android.com\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://source.android.com/security/bulletin/2024-06-01\",\"source\":\"security@android.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://source.android.com/security/bulletin/2024-06-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://source.android.com/security/bulletin/2024-06-01\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T01:52:56.306Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-31319\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-10T15:11:59.859408Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:google:android:12l:*:*:*:*:*:*:*\", \"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*\"], \"vendor\": \"google\", \"product\": \"android\", \"versions\": [{\"status\": \"affected\", \"version\": \"12.0\"}, {\"status\": \"affected\", \"version\": \"12l\"}, {\"status\": \"affected\", \"version\": \"13.0\"}, {\"status\": \"affected\", \"version\": \"14.0\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-441\", \"description\": \"CWE-441 Unintended Proxy or Intermediary (\u0027Confused Deputy\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-10T15:15:47.952Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Google\", \"product\": \"Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"14\"}, {\"status\": \"affected\", \"version\": \"13\"}, {\"status\": \"affected\", \"version\": \"12L\"}, {\"status\": \"affected\", \"version\": \"12\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e\"}, {\"url\": \"https://source.android.com/security/bulletin/2024-06-01\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Elevation of privilege\"}]}], \"providerMetadata\": {\"orgId\": \"baff130e-b8d5-4e15-b3d3-c3cf5d5545c6\", \"shortName\": \"google_android\", \"dateUpdated\": \"2024-07-09T20:09:16.083Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-31319\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T01:52:56.306Z\", \"dateReserved\": \"2024-03-29T20:11:33.059Z\", \"assignerOrgId\": \"baff130e-b8d5-4e15-b3d3-c3cf5d5545c6\", \"datePublished\": \"2024-07-09T20:09:16.083Z\", \"assignerShortName\": \"google_android\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Title
Google Android Framework权限提升漏洞(CNVD-2024-39688)
Description
Google Android是美国谷歌(Google)公司的一套以Linux为基础的开源操作系统。
Google Android Framework存在权限提升漏洞,攻击者可利用此漏洞在系统上获得更高的权限。
Severity
高
Patch Name
Google Android Framework权限提升漏洞(CNVD-2024-39688)的补丁
Patch Description
Google Android是美国谷歌(Google)公司的一套以Linux为基础的开源操作系统。
Google Android Framework存在权限提升漏洞,攻击者可利用此漏洞在系统上获得更高的权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://source.android.com/security/bulletin/2024-06-01
Reference
https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e
Impacted products
| Name | ['Google Android <12', 'Google Android <12L', 'Google Android <13', 'Google Android <14'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2024-31319",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-31319"
}
},
"description": "Google Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nGoogle Android Framework\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u7cfb\u7edf\u4e0a\u83b7\u5f97\u66f4\u9ad8\u7684\u6743\u9650\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://source.android.com/security/bulletin/2024-06-01",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2024-39688",
"openTime": "2024-10-01",
"patchDescription": "Google Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nGoogle Android Framework\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5728\u7cfb\u7edf\u4e0a\u83b7\u5f97\u66f4\u9ad8\u7684\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Google Android Framework\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2024-39688\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Google Android \u003c12",
"Google Android \u003c12L",
"Google Android \u003c13",
"Google Android \u003c14"
]
},
"referenceLink": "https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e",
"serverity": "\u9ad8",
"submitTime": "2024-07-12",
"title": "Google Android Framework\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2024-39688\uff09"
}
FKIE_CVE-2024-31319
Vulnerability from fkie_nvd - Published: 2024-07-09 21:15 - Updated: 2024-12-17 17:13
Severity
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
},
{
"lang": "es",
"value": "En updateNotificationChannelFromPrivilegedListener de NotificationManagerService.java, existe una posible fuga de datos entre usuarios debido a un diputado confundido. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"id": "CVE-2024-31319",
"lastModified": "2024-12-17T17:13:47.993",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-07-09T21:15:13.313",
"references": [
{
"source": "security@android.com",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e"
},
{
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2024-06-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/2024-06-01"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-610"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-441"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-6RW7-R5PP-274M
Vulnerability from github – Published: 2024-07-09 21:30 – Updated: 2024-07-12 18:31
VLAI
Details
In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity
8.4 (High)
{
"affected": [],
"aliases": [
"CVE-2024-31319"
],
"database_specific": {
"cwe_ids": [
"CWE-441",
"CWE-610"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-09T21:15:13Z",
"severity": "HIGH"
},
"details": "In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-6rw7-r5pp-274m",
"modified": "2024-07-12T18:31:47Z",
"published": "2024-07-09T21:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31319"
},
{
"type": "WEB",
"url": "https://android.googlesource.com/platform/frameworks/base/+/3cc021bf608fa813a9a40932028fdde2b12a2d5e"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2024-06-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2024-31319
Vulnerability from gsd - Updated: 2024-04-03 05:02Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-31319"
],
"id": "GSD-2024-31319",
"modified": "2024-04-03T05:02:25.472766Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-31319",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
WID-SEC-W-2024-1278
Vulnerability from csaf_certbund - Published: 2024-06-03 22:00 - Updated: 2026-03-02 23:00Summary
Android Patchday - June 2024: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das Android Betriebssystem ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erhöhen, um vertrauliche Informationen offenzulegen und um einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme: - Android
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Google Android <12L
Google / Android
|
<12L | ||
|
Google Android <12
Google / Android
|
<12 | ||
|
Google Android <14
Google / Android
|
<14 | ||
|
Google Android <13
Google / Android
|
<13 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Android Betriebssystem ist eine quelloffene Plattform f\u00fcr mobile Ger\u00e4te. Die Basis bildet der Linux-Kernel.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Google Android ausnutzen, um seine Privilegien zu erh\u00f6hen, um vertrauliche Informationen offenzulegen und um einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Android",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1278 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1278.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1278 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1278"
},
{
"category": "external",
"summary": "Android Patchday Juni 2024 vom 2024-06-03",
"url": "https://source.android.com/docs/security/bulletin/2024-06-01"
}
],
"source_lang": "en-US",
"title": "Android Patchday - June 2024: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-02T23:00:00.000+00:00",
"generator": {
"date": "2026-03-03T09:42:39.371+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-1278",
"initial_release_date": "2024-06-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-06-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-06-05T22:00:00.000+00:00",
"number": "2",
"summary": "CVE\u0027s erg\u00e4nzt"
},
{
"date": "2026-03-02T23:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2024-29224"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12",
"product": {
"name": "Google Android \u003c12",
"product_id": "T035172"
}
},
{
"category": "product_version",
"name": "12",
"product": {
"name": "Google Android 12",
"product_id": "T035172-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12L",
"product": {
"name": "Google Android \u003c12L",
"product_id": "T035173"
}
},
{
"category": "product_version",
"name": "12L",
"product": {
"name": "Google Android 12L",
"product_id": "T035173-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:12l"
}
}
},
{
"category": "product_version_range",
"name": "\u003c13",
"product": {
"name": "Google Android \u003c13",
"product_id": "T035174"
}
},
{
"category": "product_version",
"name": "13",
"product": {
"name": "Google Android 13",
"product_id": "T035174-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:13"
}
}
},
{
"category": "product_version_range",
"name": "\u003c14",
"product": {
"name": "Google Android \u003c14",
"product_id": "T035175"
}
},
{
"category": "product_version",
"name": "14",
"product": {
"name": "Google Android 14",
"product_id": "T035175-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:google:android:14"
}
}
}
],
"category": "product_name",
"name": "Android"
}
],
"category": "vendor",
"name": "Google"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-21113",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2023-21113"
},
{
"cve": "CVE-2023-21114",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2023-21114"
},
{
"cve": "CVE-2023-21266",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2023-21266"
},
{
"cve": "CVE-2023-43538",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2023-43538"
},
{
"cve": "CVE-2023-43542",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2023-43542"
},
{
"cve": "CVE-2023-43551",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2023-43551"
},
{
"cve": "CVE-2023-43556",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2023-43556"
},
{
"cve": "CVE-2024-0671",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-0671"
},
{
"cve": "CVE-2024-1065",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-1065"
},
{
"cve": "CVE-2024-20065",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-20065"
},
{
"cve": "CVE-2024-20066",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-20066"
},
{
"cve": "CVE-2024-20067",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-20067"
},
{
"cve": "CVE-2024-20068",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-20068"
},
{
"cve": "CVE-2024-20069",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-20069"
},
{
"cve": "CVE-2024-23363",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-23363"
},
{
"cve": "CVE-2024-23695",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-23695"
},
{
"cve": "CVE-2024-23696",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-23696"
},
{
"cve": "CVE-2024-23697",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-23697"
},
{
"cve": "CVE-2024-23698",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-23698"
},
{
"cve": "CVE-2024-23711",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-23711"
},
{
"cve": "CVE-2024-26926",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-26926"
},
{
"cve": "CVE-2024-31310",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31310"
},
{
"cve": "CVE-2024-31311",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31311"
},
{
"cve": "CVE-2024-31312",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31312"
},
{
"cve": "CVE-2024-31313",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31313"
},
{
"cve": "CVE-2024-31314",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31314"
},
{
"cve": "CVE-2024-31315",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31315"
},
{
"cve": "CVE-2024-31316",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31316"
},
{
"cve": "CVE-2024-31317",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31317"
},
{
"cve": "CVE-2024-31318",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31318"
},
{
"cve": "CVE-2024-31319",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31319"
},
{
"cve": "CVE-2024-31322",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31322"
},
{
"cve": "CVE-2024-31323",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31323"
},
{
"cve": "CVE-2024-31324",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31324"
},
{
"cve": "CVE-2024-31325",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31325"
},
{
"cve": "CVE-2024-31326",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31326"
},
{
"cve": "CVE-2024-31327",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31327"
},
{
"cve": "CVE-2024-31328",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31328"
},
{
"cve": "CVE-2024-31329",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31329"
},
{
"cve": "CVE-2024-31330",
"product_status": {
"known_affected": [
"T035173",
"T035172",
"T035175",
"T035174"
]
},
"release_date": "2024-06-03T22:00:00.000+00:00",
"title": "CVE-2024-31330"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…