removes a program from user's program list.
\n","urlObject":{"protocol":"http","port":"3001","path":["my-cpes",""],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"3435df03-9986-4fd4-9a1a-e69b6574b2c4","name":"deleting a program","originalRequest":{"method":"DELETE","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NGRiZTdhMzY1N2Y2OTg0ZjhiNmViYzkiLCJ1c2VybmFtZSI6Inlhc2luIiwiaWF0IjoxNjkyMzUwMTMzfQ.YPoA4oPtazZ4zqnSK_l5V-8XrRONL8PxsUg6BX8plaU","type":"text"}],"url":"http://localhost:3001/my-cpes/48FAE795-CC6B-488D-A04E-9F8CA4EBDFF3"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"34"},{"key":"ETag","value":"W/\"22-DqGpEFvKEq4WL3OXOq6rpAnxUWc\""},{"key":"Date","value":"Fri, 18 Aug 2023 11:50:45 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"deleted successfully\"\n}"},{"id":"a4c98d93-b0c9-4d01-b7ed-b4072f99106b","name":"trying to delete a cpe that does not exists in cpes collection","originalRequest":{"method":"DELETE","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NGRiZTdhMzY1N2Y2OTg0ZjhiNmViYzkiLCJ1c2VybmFtZSI6Inlhc2luIiwiaWF0IjoxNjkyMzUwMTMzfQ.YPoA4oPtazZ4zqnSK_l5V-8XrRONL8PxsUg6BX8plaU","type":"text"}],"url":"http://localhost:3001/my-cpes/abcd1234"},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"78"},{"key":"ETag","value":"W/\"4e-0b5grkx/na29CY+twQJk9QeJrfQ\""},{"key":"Date","value":"Fri, 18 Aug 2023 18:31:55 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"برنامه مورد نظر پیدا نشد.\",\n \"type\": \"cpeNotFound\"\n}"}],"_postman_id":"8b06f08f-a770-47d9-8b0b-dc0b3def88f3"}],"id":"5a52022a-97d5-4a52-b2b4-bd9638e21083","_postman_id":"5a52022a-97d5-4a52-b2b4-bd9638e21083","description":""},{"name":"User","item":[{"name":"getting current logged in user","id":"222c61cf-ec13-403d-848d-bd373ba317ad","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NDU1NWQ1YmI4MDk2ZDNjMjNlYTlmMGYiLCJ1c2VybmFtZSI6ImphZmFyIiwiaWF0IjoxNjg3OTYwMzc3fQ.GkCNucTH27w6tVzTGwGDK9NH71koO0qb4rpbcyOuLys","type":"text"}],"url":"http://localhost:3001/users/me","description":"This api is using for getting the current logged in user
\n\nx-auth-token is required
\n","urlObject":{"protocol":"http","port":"3001","path":["users","me"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"e38fd8dc-a418-490f-acd9-a7d2c727b140","name":"successfull with token in header","originalRequest":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NDU1NWQ1YmI4MDk2ZDNjMjNlYTlmMGYiLCJ1c2VybmFtZSI6ImphZmFyIiwiaWF0IjoxNjg3OTYwMzc3fQ.GkCNucTH27w6tVzTGwGDK9NH71koO0qb4rpbcyOuLys","type":"text"}],"url":"http://localhost:3001/users/me"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"212"},{"key":"ETag","value":"W/\"d4-snRVZWCb82qKJ/FIcExsl0HtSa8\""},{"key":"Date","value":"Wed, 28 Jun 2023 14:07:17 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"_id\": \"64555d5bb8096d3c23ea9f0f\",\n \"username\": \"jafar\",\n \"email\": \"jafar@gmail.com\",\n \"userPrograms\": [\n \"64596334b23bcd29bab443f4\",\n \"645963a3cbc6a19789494e3e\",\n \"6495d6064595cd27ab3e022c\",\n \"649591234595cd27ab3e017d\"\n ],\n \"__v\": 7\n}"},{"id":"8bef0c39-a080-4d09-8027-37beab1ecfa6","name":"trying without any token","originalRequest":{"method":"GET","header":[],"url":"http://localhost:3001/users/me"},"status":"Unauthorized","code":401,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"66"},{"key":"ETag","value":"W/\"42-zXVJNHmSlaNvyn47833ZcMv/m74\""},{"key":"Date","value":"Wed, 28 Jun 2023 13:15:06 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"خطای دسترسی! توکنی ارائه نشده!\"\n}"}],"_postman_id":"222c61cf-ec13-403d-848d-bd373ba317ad"},{"name":"registering user","id":"96746000-a4a5-4f64-a866-8bf5f626bfc8","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n \"username\": \"ali\",\r\n \"email\": \"ali@gmail.com\",\r\n \"password\": \"1234\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:3001/users","description":"this gives username, email and password and if there was no such user before, will register the user.
\n","urlObject":{"protocol":"http","port":"3001","path":["users"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"2223cddc-430e-4c38-9ea9-99a366bc9b17","name":"successfull registering user","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n \"username\": \"yasinKhani\",\r\n \"email\": \"yasinKhani@gmail.com\",\r\n \"password\": \"123456\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:3001/users"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"303"},{"key":"ETag","value":"W/\"12f-2LHlDZH6QfYubF/zoMzin04AKZ0\""},{"key":"Date","value":"Fri, 18 Aug 2023 10:03:15 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"id\": \"64df41e3f8b151b95a39fff1\",\n \"username\": \"yasinKhani\",\n \"email\": \"yasinKhani@gmail.com\",\n \"token\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NGRmNDFlM2Y4YjE1MWI5NWEzOWZmZjEiLCJ1c2VybmFtZSI6Inlhc2luS2hhbmkiLCJpYXQiOjE2OTIzNTI5OTUsImV4cCI6MTY5MjM1NjU5NX0.NIj4SvugQ--ECDcN6beQwDweYVN4L8ppzSk-sFOgMzo\"\n}"},{"id":"1f185427-300a-4193-b553-a7bbf5a6ce65","name":"trying to register with duplicate email","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n \"username\": \"mohammadali\",\r\n \"email\": \"ali@gmail.com\",\r\n \"password\": \"12346\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:3001/users"},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"103"},{"key":"ETag","value":"W/\"67-nHQ5NWz9RHesSygCXx/Ve5DA35k\""},{"key":"Date","value":"Fri, 18 Aug 2023 09:08:35 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"قبلا کاربری با این ایمیل ثبت نام کرده\",\n \"type\": \"duplicateEmail\"\n}"},{"id":"72739bd0-e4da-40f1-92b8-c5f8c2444e0e","name":"trying to register with duplicate username","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n \"username\": \"mr.Khani\",\r\n \"email\": \"mrKhani@gmail.com\",\r\n \"password\": \"mrKhani123456\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:3001/users"},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"115"},{"key":"ETag","value":"W/\"73-Tz4MvZevlZp39tPE2nuYcIPRkQU\""},{"key":"Date","value":"Fri, 18 Aug 2023 10:02:18 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"قبلا کاربری با این نام کاربری ثبت نام کرده\",\n \"type\": \"duplicateUsername\"\n}"}],"_postman_id":"96746000-a4a5-4f64-a866-8bf5f626bfc8"},{"name":"login","id":"cdfa2f98-7872-49f0-8240-474202e8a614","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n \"username\": \"yasin\"\r\n , \"password\": \"123\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:3001/users/login","description":"Gives username and password and in the case that they were current, it will retrive a token.
\n","urlObject":{"protocol":"http","port":"3001","path":["users","login"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"8dcbec34-0151-4e3c-af6d-d86c79647f3c","name":"successfull login","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n \"username\": \"yasin\"\r\n , \"password\": \"123\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:3001/users/login"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"269"},{"key":"ETag","value":"W/\"10d-LQEdZ1jOazCcmwm0k83A+Ks+sJU\""},{"key":"Date","value":"Fri, 18 Aug 2023 09:15:33 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"id\": \"64dbe7a3657f6984f8b6ebc9\",\n \"username\": \"yasin\",\n \"email\": \"mm.y.khani@gmail.com\",\n \"token\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NGRiZTdhMzY1N2Y2OTg0ZjhiNmViYzkiLCJ1c2VybmFtZSI6Inlhc2luIiwiaWF0IjoxNjkyMzUwMTMzfQ.YPoA4oPtazZ4zqnSK_l5V-8XrRONL8PxsUg6BX8plaU\"\n}"},{"id":"e44fa428-618b-4dfc-96c9-df33a59111c2","name":"trying with wrong username","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n \"username\": \"jafar123\"\r\n , \"password\": \"1234\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:3001/users/login"},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"105"},{"key":"ETag","value":"W/\"69-J18bQIfzap4tY436iLacks5oErA\""},{"key":"Date","value":"Fri, 18 Aug 2023 09:14:15 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"کاربری با این نام کاربری ثبت نام نکرده!\",\n \"type\": \"wrongUsername\"\n}"},{"id":"679df777-9625-49f3-b3f4-8a922ba2bcf0","name":"trying with wrong password","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\r\n \"username\": \"ali\"\r\n , \"password\": \"12345\"\r\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:3001/users/login"},"status":"Bad Request","code":400,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"71"},{"key":"ETag","value":"W/\"47-S071TC7wN6UiA9Rr8CWj2OKul/o\""},{"key":"Date","value":"Fri, 18 Aug 2023 09:12:17 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"رمز عبور اشتباه است!\",\n \"type\": \"wrongPassword\"\n}"}],"_postman_id":"cdfa2f98-7872-49f0-8240-474202e8a614"}],"id":"e26fa982-6cb6-41b6-b7e8-846c2744db31","_postman_id":"e26fa982-6cb6-41b6-b7e8-846c2744db31","description":""},{"name":"Vulnerablility","item":[{"name":"getting all cves related to a specific program","id":"4ea883b7-ef15-4f60-8434-e8ea69867d83","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NDU1NWQ1YmI4MDk2ZDNjMjNlYTlmMGYiLCJ1c2VybmFtZSI6ImphZmFyIiwiaWF0IjoxNjg3OTYwMzc3fQ.GkCNucTH27w6tVzTGwGDK9NH71koO0qb4rpbcyOuLys","type":"text"}],"url":"http://localhost:3001/my-cpes//cves","description":"format of url address must be:
\n/cpe/${CPE-id}/new-CVEs\n\n
StartFragment
\nEndFragment
\n","urlObject":{"protocol":"http","port":"3001","path":["my-cpes","","cves"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"80800059-4f8b-45b7-b884-815f19663bc7","name":"getting all cves related to a specific program","originalRequest":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NDU1NWQ1YmI4MDk2ZDNjMjNlYTlmMGYiLCJ1c2VybmFtZSI6ImphZmFyIiwiaWF0IjoxNjg3OTYwMzc3fQ.GkCNucTH27w6tVzTGwGDK9NH71koO0qb4rpbcyOuLys","type":"text"}],"url":"http://localhost:3001/my-cpes/FCBDF01A-4A03-4B06-9E69-D9A7A854BF9D/cves"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"16548"},{"key":"ETag","value":"W/\"40a4-Z0QrgaJ6ADOnDvunTp5MEN5J5RA\""},{"key":"Date","value":"Fri, 18 Aug 2023 11:12:15 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"cves\": [\n {\n \"_id\": \"64dc9f472b505e704f0f29ec\",\n \"cveCode\": \"CVE-1999-0717\",\n \"text\": \"A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.\",\n \"lastModified\": \"2018-10-12T17:59:09.077Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 2.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"2.6\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f472b505e704f0f29f0\",\n \"cveCode\": \"CVE-1999-0794\",\n \"text\": \"Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.\",\n \"lastModified\": \"2018-10-12T17:59:12.997Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"4.6\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f472b505e704f0f29f4\",\n \"cveCode\": \"CVE-2001-0718\",\n \"text\": \"Vulnerability in (1) Microsoft Excel 2002 and earlier and (2) Microsoft PowerPoint 2002 and earlier allows attackers to bypass macro restrictions and execute arbitrary commands by modifying the data stream in the document.\",\n \"lastModified\": \"2018-10-12T18:00:38.627Z\",\n \"exploitabilityScore\": 10,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a20\",\n \"cveCode\": \"CVE-2002-0615\",\n \"text\": \"The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka \\\"Media Playback Script Invocation\\\".\",\n \"lastModified\": \"2018-10-12T18:01:30.427Z\",\n \"exploitabilityScore\": 10,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a24\",\n \"cveCode\": \"CVE-2002-0616\",\n \"text\": \"The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the \\\"Excel Inline Macros Vulnerability.\\\"\",\n \"lastModified\": \"2018-10-12T18:01:30.690Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"5.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a28\",\n \"cveCode\": \"CVE-2002-0617\",\n \"text\": \"The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka \\\"Hyperlinked Excel Workbook Macro Bypass.\\\"\",\n \"lastModified\": \"2018-10-12T18:01:30.957Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"5.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a2c\",\n \"cveCode\": \"CVE-2002-0618\",\n \"text\": \"The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka \\\"Excel XSL Stylesheet Script Execution\\\".\",\n \"lastModified\": \"2018-10-12T18:01:31.347Z\",\n \"exploitabilityScore\": 10,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f532b505e704f0f2aa4\",\n \"cveCode\": \"CVE-2002-1143\",\n \"text\": \"Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka \\\"Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure.\\\"\",\n \"lastModified\": \"2018-10-12T18:02:00.020Z\",\n \"exploitabilityScore\": 10,\n \"impactScore\": 2.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f532b505e704f0f2aa8\",\n \"cveCode\": \"CVE-2004-0200\",\n \"text\": \"Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.\",\n \"lastModified\": \"2018-10-30T12:55:26.903Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a30\",\n \"cveCode\": \"CVE-2004-0846\",\n \"text\": \"Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.\",\n \"lastModified\": \"2018-10-12T18:05:22.107Z\",\n \"exploitabilityScore\": 10,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a34\",\n \"cveCode\": \"CVE-2005-4131\",\n \"text\": \"Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka \\\"Brand new Microsoft Excel Vulnerability,\\\" as originally placed for sale on eBay as item number 7203336538.\",\n \"lastModified\": \"2018-10-19T12:10:06.783Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"6.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a38\",\n \"cveCode\": \"CVE-2006-0028\",\n \"text\": \"Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers.\",\n \"lastModified\": \"2018-10-19T12:12:06.900Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"5.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a3c\",\n \"cveCode\": \"CVE-2006-0029\",\n \"text\": \"Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption.\",\n \"lastModified\": \"2018-10-12T18:08:51.227Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"5.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a40\",\n \"cveCode\": \"CVE-2006-0030\",\n \"text\": \"Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption.\",\n \"lastModified\": \"2018-10-12T18:08:53.133Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"5.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a44\",\n \"cveCode\": \"CVE-2006-3059\",\n \"text\": \"Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086.\",\n \"lastModified\": \"2018-10-18T13:15:20.517Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f472b505e704f0f29f8\",\n \"cveCode\": \"CVE-2006-3014\",\n \"text\": \"Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet.\",\n \"lastModified\": \"2018-10-12T18:10:18.323Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"5.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f472b505e704f0f29fc\",\n \"cveCode\": \"CVE-2006-3431\",\n \"text\": \"Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document or selects the \\\"Style\\\" option, as demonstrated by nanika.xls. NOTE: Microsoft has confirmed to CVE via e-mail that this is different than the other Excel vulnerabilities announced before 20060707, including CVE-2006-3059 and CVE-2006-3086.\",\n \"lastModified\": \"2018-10-18T13:17:29.847Z\",\n \"exploitabilityScore\": 10,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a4c\",\n \"cveCode\": \"CVE-2006-1302\",\n \"text\": \"Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka \\\"Malformed SELECTION record Vulnerability.\\\"\",\n \"lastModified\": \"2018-10-18T13:01:58.933Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a50\",\n \"cveCode\": \"CVE-2006-1304\",\n \"text\": \"Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a \\\"data filling operation.\\\"\",\n \"lastModified\": \"2018-10-18T13:02:01.200Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a54\",\n \"cveCode\": \"CVE-2006-1306\",\n \"text\": \"Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka \\\"Malformed OBJECT record Vulnerability.\\\"\",\n \"lastModified\": \"2018-10-18T13:02:02.747Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a58\",\n \"cveCode\": \"CVE-2006-2388\",\n \"text\": \"Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of \\\"critical data offsets\\\" during the rebuilding process.\",\n \"lastModified\": \"2018-10-18T13:09:41.257Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a5c\",\n \"cveCode\": \"CVE-2006-1301\",\n \"text\": \"Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.\",\n \"lastModified\": \"2018-10-12T18:09:18.057Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a60\",\n \"cveCode\": \"CVE-2006-1308\",\n \"text\": \"Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value.\",\n \"lastModified\": \"2018-10-12T18:09:23.993Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a64\",\n \"cveCode\": \"CVE-2006-1309\",\n \"text\": \"Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.\",\n \"lastModified\": \"2018-10-12T18:09:24.713Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a68\",\n \"cveCode\": \"CVE-2006-3867\",\n \"text\": \"Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted Lotus 1-2-3 file, a different vulnerability than CVE-2006-2387 and CVE-2006-3875.\",\n \"lastModified\": \"2018-10-17T18:02:05.003Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"5.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a6c\",\n \"cveCode\": \"CVE-2006-3875\",\n \"text\": \"Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted COLINFO record in an XLS file, a different vulnerability than CVE-2006-2387 and CVE-2006-3867.\",\n \"lastModified\": \"2018-10-17T18:02:08.080Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 6.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"5.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a70\",\n \"cveCode\": \"CVE-2006-3877\",\n \"text\": \"Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified \\\"crafted file,\\\" a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.\",\n \"lastModified\": \"2018-10-17T18:02:09.253Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a74\",\n \"cveCode\": \"CVE-2007-0027\",\n \"text\": \"Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption.\",\n \"lastModified\": \"2018-10-16T13:00:34.523Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a78\",\n \"cveCode\": \"CVE-2007-0028\",\n \"text\": \"Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an \\\"Improper Memory Access Vulnerability.\\\" NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.\",\n \"lastModified\": \"2018-10-16T13:00:35.273Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a7c\",\n \"cveCode\": \"CVE-2007-0029\",\n \"text\": \"Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka \\\"Excel Malformed String Vulnerability.\\\"\",\n \"lastModified\": \"2018-10-16T13:00:36.227Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a80\",\n \"cveCode\": \"CVE-2007-0030\",\n \"text\": \"Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory.\",\n \"lastModified\": \"2018-10-16T13:00:36.883Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a84\",\n \"cveCode\": \"CVE-2007-0031\",\n \"text\": \"Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.\",\n \"lastModified\": \"2018-10-16T13:00:37.710Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a88\",\n \"cveCode\": \"CVE-2007-0671\",\n \"text\": \"Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.\",\n \"lastModified\": \"2018-10-12T18:12:45.297Z\",\n \"exploitabilityScore\": 8.6,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"9.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dc9f4a2b505e704f0f2a8c\",\n \"cveCode\": \"CVE-2007-0215\",\n \"text\": \"Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.\",\n \"lastModified\": \"2018-10-16T13:01:43.870Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 10,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"7.6\",\n \"__v\": 0\n }\n ],\n \"cpeTitle\": \"Microsoft Excel 2002\"\n}"},{"id":"3ef81668-87bf-4db0-9b38-920cdf573ad9","name":"unsuccessfull getting all cves related to a specific program with wrong cpeNameId","originalRequest":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NDU1NWQ1YmI4MDk2ZDNjMjNlYTlmMGYiLCJ1c2VybmFtZSI6ImphZmFyIiwiaWF0IjoxNjg3OTYwMzc3fQ.GkCNucTH27w6tVzTGwGDK9NH71koO0qb4rpbcyOuLys","type":"text"}],"url":"http://localhost:3001/my-cpes/FCBDF01A-4A03-4B06-9E69-D9A7A854B/cves"},"status":"Not Found","code":404,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"78"},{"key":"ETag","value":"W/\"4e-0b5grkx/na29CY+twQJk9QeJrfQ\""},{"key":"Date","value":"Fri, 18 Aug 2023 11:14:57 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"برنامه مورد نظر پیدا نشد.\",\n \"type\": \"cpeNotFound\"\n}"}],"_postman_id":"4ea883b7-ef15-4f60-8434-e8ea69867d83"},{"name":"getting new cves of a cpe","id":"382b6093-af66-4e9c-9dc9-557d27b807ce","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NGRiZTdhMzY1N2Y2OTg0ZjhiNmViYzkiLCJ1c2VybmFtZSI6Inlhc2luIiwiaWF0IjoxNjkyMzUwMTMzfQ.YPoA4oPtazZ4zqnSK_l5V-8XrRONL8PxsUg6BX8plaU","type":"text"}],"url":"http://localhost:3001/my-cpes//new-cves","urlObject":{"protocol":"http","port":"3001","path":["my-cpes","","new-cves"],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"e1e9fe28-20e9-4646-9ed9-9ae0581b7bb7","name":"successfull get new cves of a cpe","originalRequest":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NGRiZTdhMzY1N2Y2OTg0ZjhiNmViYzkiLCJ1c2VybmFtZSI6Inlhc2luIiwiaWF0IjoxNjkyMzUwMTMzfQ.YPoA4oPtazZ4zqnSK_l5V-8XrRONL8PxsUg6BX8plaU","type":"text"}],"url":"http://localhost:3001/my-cpes/36DB42C7-1317-4784-A679-73C7C8B1818C/new-cves"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"135996"},{"key":"ETag","value":"W/\"2133c-/2/r7sRQK3W01Dh9mK+cETWSzFU\""},{"key":"Date","value":"Fri, 18 Aug 2023 11:07:09 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"newCVEs\": [\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb5b\",\n \"cveCode\": \"CVE-2022-44419\",\n \"text\": \"In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. This could local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T11:58:40.323Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb5f\",\n \"cveCode\": \"CVE-2022-44420\",\n \"text\": \"In modem, there is a possible missing verification of HashMME value in Security Mode Command. This could local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T11:55:11.967Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb63\",\n \"cveCode\": \"CVE-2022-47487\",\n \"text\": \"In thermal service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-15T09:38:12.093Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb67\",\n \"cveCode\": \"CVE-2022-47488\",\n \"text\": \"In spipe drive, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-15T09:37:13.570Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb6b\",\n \"cveCode\": \"CVE-2022-47489\",\n \"text\": \"In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-15T10:01:34.873Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb6f\",\n \"cveCode\": \"CVE-2022-47490\",\n \"text\": \"In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T12:39:17.543Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb73\",\n \"cveCode\": \"CVE-2022-47491\",\n \"text\": \"In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-15T10:01:05.507Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb77\",\n \"cveCode\": \"CVE-2022-47492\",\n \"text\": \"In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T12:36:50.920Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb7b\",\n \"cveCode\": \"CVE-2022-47493\",\n \"text\": \"In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T12:36:45.267Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb7f\",\n \"cveCode\": \"CVE-2022-47494\",\n \"text\": \"In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-15T10:00:29.777Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb83\",\n \"cveCode\": \"CVE-2022-47495\",\n \"text\": \"In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-15T10:00:13.337Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb87\",\n \"cveCode\": \"CVE-2022-47496\",\n \"text\": \"In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-15T10:00:05.157Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb8b\",\n \"cveCode\": \"CVE-2022-47497\",\n \"text\": \"In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-15T09:59:54.213Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb8f\",\n \"cveCode\": \"CVE-2022-47498\",\n \"text\": \"In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-15T09:59:43.377Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb93\",\n \"cveCode\": \"CVE-2022-47499\",\n \"text\": \"In soter service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-15T09:59:24.850Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb97\",\n \"cveCode\": \"CVE-2022-48231\",\n \"text\": \"In soter service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:23:06.850Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb9b\",\n \"cveCode\": \"CVE-2022-48232\",\n \"text\": \"In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .\",\n \"lastModified\": \"2023-05-11T03:23:02.137Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fb9f\",\n \"cveCode\": \"CVE-2022-48233\",\n \"text\": \"In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .\",\n \"lastModified\": \"2023-05-11T03:22:58.090Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fba3\",\n \"cveCode\": \"CVE-2022-48234\",\n \"text\": \"In FM service , there is a possible missing params check. This could lead to local denial of service in FM service .\",\n \"lastModified\": \"2023-05-11T03:22:53.580Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fba7\",\n \"cveCode\": \"CVE-2022-48235\",\n \"text\": \"In MP3 encoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-11T16:31:36.210Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbab\",\n \"cveCode\": \"CVE-2022-48236\",\n \"text\": \"In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-11T16:31:20.830Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbaf\",\n \"cveCode\": \"CVE-2022-48237\",\n \"text\": \"In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-11T15:50:28.837Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbb3\",\n \"cveCode\": \"CVE-2022-48238\",\n \"text\": \"In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-11T17:04:03.250Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbb7\",\n \"cveCode\": \"CVE-2022-48239\",\n \"text\": \"In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-11T17:04:50.593Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbbb\",\n \"cveCode\": \"CVE-2022-48240\",\n \"text\": \"In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-11T17:04:59.237Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbbf\",\n \"cveCode\": \"CVE-2022-48243\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:23:14.953Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbc3\",\n \"cveCode\": \"CVE-2022-48244\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:22:44.813Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbc7\",\n \"cveCode\": \"CVE-2022-48245\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:23:44.160Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbcb\",\n \"cveCode\": \"CVE-2022-48246\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:22:41.287Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbcf\",\n \"cveCode\": \"CVE-2022-48247\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:22:36.400Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbd3\",\n \"cveCode\": \"CVE-2022-48248\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:24:36.713Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbd7\",\n \"cveCode\": \"CVE-2022-48249\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:23:11.490Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbdb\",\n \"cveCode\": \"CVE-2022-48250\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:23:29.447Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbdf\",\n \"cveCode\": \"CVE-2022-48368\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:23:22.890Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbe3\",\n \"cveCode\": \"CVE-2022-48369\",\n \"text\": \"In audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:23:33.463Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbe7\",\n \"cveCode\": \"CVE-2022-48370\",\n \"text\": \"In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T03:22:30.130Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbeb\",\n \"cveCode\": \"CVE-2022-48371\",\n \"text\": \"In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.\",\n \"lastModified\": \"2023-05-11T17:05:35.713Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbef\",\n \"cveCode\": \"CVE-2022-48372\",\n \"text\": \"In bootcp service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-11T16:47:45.393Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbf3\",\n \"cveCode\": \"CVE-2022-48373\",\n \"text\": \"In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-11T17:02:59.337Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbf7\",\n \"cveCode\": \"CVE-2022-48374\",\n \"text\": \"In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-11T17:03:35.387Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbfb\",\n \"cveCode\": \"CVE-2022-48376\",\n \"text\": \"In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T11:20:49.740Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fbff\",\n \"cveCode\": \"CVE-2022-48377\",\n \"text\": \"In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T11:21:01.090Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc03\",\n \"cveCode\": \"CVE-2022-48379\",\n \"text\": \"In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T11:03:38.487Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc07\",\n \"cveCode\": \"CVE-2022-48382\",\n \"text\": \"In log service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-05-12T10:41:45.743Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc0b\",\n \"cveCode\": \"CVE-2022-48383\",\n \"text\": \".In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T09:24:18.963Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc0f\",\n \"cveCode\": \"CVE-2022-48384\",\n \"text\": \"In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-12T12:39:33.377Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc13\",\n \"cveCode\": \"CVE-2022-48388\",\n \"text\": \"In powerEx service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-05-15T10:02:06.990Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc17\",\n \"cveCode\": \"CVE-2023-20673\",\n \"text\": \"In vcu, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519103.\",\n \"lastModified\": \"2023-05-24T13:37:09.800Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc1b\",\n \"cveCode\": \"CVE-2023-20694\",\n \"text\": \"In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07733998 / ALPS07874388 (For MT6880 and MT6890 only).\",\n \"lastModified\": \"2023-05-24T11:40:04.603Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc1f\",\n \"cveCode\": \"CVE-2023-20695\",\n \"text\": \"In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only); Issue ID: ALPS07734012 / ALPS07874363 (For MT6880, MT6890, MT6980 and MT6990 only).\",\n \"lastModified\": \"2023-05-24T11:39:51.070Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc23\",\n \"cveCode\": \"CVE-2023-20696\",\n \"text\": \"In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only); Issue ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT6890 only).\",\n \"lastModified\": \"2023-05-24T11:39:06.833Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc27\",\n \"cveCode\": \"CVE-2023-20697\",\n \"text\": \"In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148.\",\n \"lastModified\": \"2023-05-22T14:26:39.410Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc2b\",\n \"cveCode\": \"CVE-2023-20698\",\n \"text\": \"In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.\",\n \"lastModified\": \"2023-05-22T14:26:19.997Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc2f\",\n \"cveCode\": \"CVE-2023-20699\",\n \"text\": \"In adsp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07696073; Issue ID: ALPS07696073.\",\n \"lastModified\": \"2023-05-22T14:26:06.320Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc33\",\n \"cveCode\": \"CVE-2023-20703\",\n \"text\": \"In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767853; Issue ID: ALPS07767853.\",\n \"lastModified\": \"2023-05-22T14:25:07.977Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc37\",\n \"cveCode\": \"CVE-2023-20704\",\n \"text\": \"In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767826; Issue ID: ALPS07767826.\",\n \"lastModified\": \"2023-05-22T14:24:49.483Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc3b\",\n \"cveCode\": \"CVE-2023-20705\",\n \"text\": \"In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767870; Issue ID: ALPS07767870.\",\n \"lastModified\": \"2023-05-22T14:24:14.507Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc3f\",\n \"cveCode\": \"CVE-2023-20706\",\n \"text\": \"In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860.\",\n \"lastModified\": \"2023-05-22T14:23:33.893Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc43\",\n \"cveCode\": \"CVE-2023-20707\",\n \"text\": \"In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628556; Issue ID: ALPS07628556.\",\n \"lastModified\": \"2023-05-22T14:23:01.100Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc47\",\n \"cveCode\": \"CVE-2023-20708\",\n \"text\": \"In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655.\",\n \"lastModified\": \"2023-05-22T14:22:31.747Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc4b\",\n \"cveCode\": \"CVE-2023-20709\",\n \"text\": \"In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576951; Issue ID: ALPS07576951.\",\n \"lastModified\": \"2023-05-22T14:22:07.987Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc4f\",\n \"cveCode\": \"CVE-2023-20710\",\n \"text\": \"In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935.\",\n \"lastModified\": \"2023-05-22T14:21:09.217Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc53\",\n \"cveCode\": \"CVE-2023-20711\",\n \"text\": \"In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668.\",\n \"lastModified\": \"2023-05-22T14:20:41.130Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc57\",\n \"cveCode\": \"CVE-2023-20717\",\n \"text\": \"In vcu, there is a possible leak of dma buffer due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645185; Issue ID: ALPS07645185.\",\n \"lastModified\": \"2023-05-22T14:19:25.877Z\",\n \"exploitabilityScore\": 0.5,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc5b\",\n \"cveCode\": \"CVE-2023-20718\",\n \"text\": \"In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645181; Issue ID: ALPS07645181.\",\n \"lastModified\": \"2023-05-22T14:18:33.887Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc5f\",\n \"cveCode\": \"CVE-2023-20719\",\n \"text\": \"In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583.\",\n \"lastModified\": \"2023-05-22T14:17:59.997Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc63\",\n \"cveCode\": \"CVE-2023-20720\",\n \"text\": \"In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629586; Issue ID: ALPS07629586.\",\n \"lastModified\": \"2023-05-22T14:15:04.217Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc67\",\n \"cveCode\": \"CVE-2023-20721\",\n \"text\": \"In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07162155; Issue ID: ALPS07162155.\",\n \"lastModified\": \"2023-05-22T14:14:13.100Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc6b\",\n \"cveCode\": \"CVE-2023-20722\",\n \"text\": \"In m4u, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07771518; Issue ID: ALPS07680084.\",\n \"lastModified\": \"2023-05-22T14:13:38.203Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc6f\",\n \"cveCode\": \"CVE-2023-20726\",\n \"text\": \"In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only); Issue ID: ALPS07735968 / ALPS07884552 (For MT6880, MT6890, MT6980, MT6980D and MT6990 only).\",\n \"lastModified\": \"2023-05-24T11:36:52.940Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 1.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"3.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc73\",\n \"cveCode\": \"CVE-2023-20930\",\n \"text\": \"In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-250576066\",\n \"lastModified\": \"2023-05-23T20:45:11.830Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc77\",\n \"cveCode\": \"CVE-2023-21103\",\n \"text\": \"In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622\",\n \"lastModified\": \"2023-05-23T20:45:42.343Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc7b\",\n \"cveCode\": \"CVE-2023-21104\",\n \"text\": \"In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-259938771\",\n \"lastModified\": \"2023-05-23T20:46:17.847Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc7f\",\n \"cveCode\": \"CVE-2023-21107\",\n \"text\": \"In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259385017\",\n \"lastModified\": \"2023-05-23T20:47:10.547Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc83\",\n \"cveCode\": \"CVE-2023-21109\",\n \"text\": \"In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261589597\",\n \"lastModified\": \"2023-05-23T20:47:22.613Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc87\",\n \"cveCode\": \"CVE-2023-21110\",\n \"text\": \"In several functions of SnoozeHelper.java, there is a possible way to grant notifications access due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-258422365\",\n \"lastModified\": \"2023-05-23T20:47:35.097Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc8b\",\n \"cveCode\": \"CVE-2023-21111\",\n \"text\": \"In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769\",\n \"lastModified\": \"2023-05-23T20:47:46.907Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc8f\",\n \"cveCode\": \"CVE-2023-21112\",\n \"text\": \"In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252763983\",\n \"lastModified\": \"2023-05-23T20:47:58.943Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc93\",\n \"cveCode\": \"CVE-2023-21116\",\n \"text\": \"In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256202273\",\n \"lastModified\": \"2023-05-23T20:49:34.900Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc97\",\n \"cveCode\": \"CVE-2023-21117\",\n \"text\": \"In registerReceiverWithFeature of ActivityManagerService.java, there is a possible way for isolated processes to register a broadcast receiver due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263358101\",\n \"lastModified\": \"2023-05-23T20:49:55.867Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc9b\",\n \"cveCode\": \"CVE-2023-21118\",\n \"text\": \"In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004\",\n \"lastModified\": \"2023-05-23T20:50:11.947Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fc9f\",\n \"cveCode\": \"CVE-2023-33740\",\n \"text\": \"Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message.\",\n \"lastModified\": \"2023-06-06T14:58:52.223Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fca3\",\n \"cveCode\": \"CVE-2023-33741\",\n \"text\": \"Macrovideo v380pro v1.4.97 shares the device id and password when sharing the device.\",\n \"lastModified\": \"2023-06-06T17:17:03.053Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fca7\",\n \"cveCode\": \"CVE-2022-48392\",\n \"text\": \"In dialer service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-06-09T19:42:57.930Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcab\",\n \"cveCode\": \"CVE-2022-48438\",\n \"text\": \"In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-06-09T19:45:14.740Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcaf\",\n \"cveCode\": \"CVE-2022-48439\",\n \"text\": \"In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-06-09T20:16:10.760Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcb3\",\n \"cveCode\": \"CVE-2022-48440\",\n \"text\": \"In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-06-09T20:33:53.377Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcb7\",\n \"cveCode\": \"CVE-2022-48441\",\n \"text\": \"In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-06-09T20:34:32.783Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcbb\",\n \"cveCode\": \"CVE-2022-48442\",\n \"text\": \"In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.\",\n \"lastModified\": \"2023-06-09T20:37:26.000Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcbf\",\n \"cveCode\": \"CVE-2023-30865\",\n \"text\": \"In dialer service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-06-09T22:36:12.980Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcc3\",\n \"cveCode\": \"CVE-2023-20727\",\n \"text\": \"In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588531; Issue ID: ALPS07588531.\",\n \"lastModified\": \"2023-06-09T00:25:06.267Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcc7\",\n \"cveCode\": \"CVE-2023-20712\",\n \"text\": \"In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796914; Issue ID: ALPS07796914.\",\n \"lastModified\": \"2023-06-09T00:25:01.490Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fccb\",\n \"cveCode\": \"CVE-2023-20715\",\n \"text\": \"In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796900; Issue ID: ALPS07796900.\",\n \"lastModified\": \"2023-06-09T00:24:57.190Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fccf\",\n \"cveCode\": \"CVE-2023-20716\",\n \"text\": \"In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07796883; Issue ID: ALPS07796883.\",\n \"lastModified\": \"2023-06-09T00:24:47.580Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcd3\",\n \"cveCode\": \"CVE-2023-20723\",\n \"text\": \"In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843845.\",\n \"lastModified\": \"2023-06-09T00:21:32.767Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcd7\",\n \"cveCode\": \"CVE-2023-20724\",\n \"text\": \"In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843841.\",\n \"lastModified\": \"2023-06-09T00:21:53.713Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcdb\",\n \"cveCode\": \"CVE-2023-20725\",\n \"text\": \"In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only).\",\n \"lastModified\": \"2023-06-09T00:22:02.530Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcdf\",\n \"cveCode\": \"CVE-2023-20728\",\n \"text\": \"In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603.\",\n \"lastModified\": \"2023-06-09T00:24:51.930Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fce3\",\n \"cveCode\": \"CVE-2023-20729\",\n \"text\": \"In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573575.\",\n \"lastModified\": \"2023-06-09T00:24:39.430Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fce7\",\n \"cveCode\": \"CVE-2023-20730\",\n \"text\": \"In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573552.\",\n \"lastModified\": \"2023-06-09T00:24:43.843Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fceb\",\n \"cveCode\": \"CVE-2023-20731\",\n \"text\": \"In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495.\",\n \"lastModified\": \"2023-06-09T00:24:36.050Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcef\",\n \"cveCode\": \"CVE-2023-20732\",\n \"text\": \"In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573480; Issue ID: ALPS07573480.\",\n \"lastModified\": \"2023-06-09T00:24:31.863Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcf3\",\n \"cveCode\": \"CVE-2023-20733\",\n \"text\": \"In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645149.\",\n \"lastModified\": \"2023-06-09T00:24:28.583Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcf7\",\n \"cveCode\": \"CVE-2023-20734\",\n \"text\": \"In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645184.\",\n \"lastModified\": \"2023-06-09T00:22:19.610Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcfb\",\n \"cveCode\": \"CVE-2023-20735\",\n \"text\": \"In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645178.\",\n \"lastModified\": \"2023-06-09T00:24:24.753Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fcff\",\n \"cveCode\": \"CVE-2023-20736\",\n \"text\": \"In vcu, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645189.\",\n \"lastModified\": \"2023-06-09T00:23:52.827Z\",\n \"exploitabilityScore\": 0.5,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd03\",\n \"cveCode\": \"CVE-2023-20737\",\n \"text\": \"In vcu, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645167.\",\n \"lastModified\": \"2023-06-09T00:22:13.303Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd07\",\n \"cveCode\": \"CVE-2023-20738\",\n \"text\": \"In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645149; Issue ID: ALPS07645173.\",\n \"lastModified\": \"2023-06-09T00:24:20.640Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd0b\",\n \"cveCode\": \"CVE-2023-20739\",\n \"text\": \"In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559819.\",\n \"lastModified\": \"2023-06-09T00:23:03.250Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd0f\",\n \"cveCode\": \"CVE-2023-20741\",\n \"text\": \"In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628606.\",\n \"lastModified\": \"2023-06-09T00:23:58.487Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd13\",\n \"cveCode\": \"CVE-2023-20742\",\n \"text\": \"In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540.\",\n \"lastModified\": \"2023-06-09T00:23:33.333Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd17\",\n \"cveCode\": \"CVE-2023-20743\",\n \"text\": \"In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519142.\",\n \"lastModified\": \"2023-06-09T00:23:45.083Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd1b\",\n \"cveCode\": \"CVE-2023-20744\",\n \"text\": \"In vcu, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519200.\",\n \"lastModified\": \"2023-06-09T00:24:13.877Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd1f\",\n \"cveCode\": \"CVE-2023-20745\",\n \"text\": \"In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07560694.\",\n \"lastModified\": \"2023-06-09T00:23:07.380Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd23\",\n \"cveCode\": \"CVE-2023-20746\",\n \"text\": \"In vcu, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519142; Issue ID: ALPS07519217.\",\n \"lastModified\": \"2023-06-09T00:24:17.320Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd27\",\n \"cveCode\": \"CVE-2023-20747\",\n \"text\": \"In vcu, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07519103; Issue ID: ALPS07519121.\",\n \"lastModified\": \"2023-06-09T00:22:38.977Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd2b\",\n \"cveCode\": \"CVE-2023-20749\",\n \"text\": \"In swpm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780926.\",\n \"lastModified\": \"2023-06-09T00:24:02.757Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd2f\",\n \"cveCode\": \"CVE-2023-20750\",\n \"text\": \"In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780928.\",\n \"lastModified\": \"2023-06-09T00:22:47.223Z\",\n \"exploitabilityScore\": 0.5,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd33\",\n \"cveCode\": \"CVE-2023-20751\",\n \"text\": \"In keymange, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07825502; Issue ID: ALPS07825502.\",\n \"lastModified\": \"2023-06-09T00:24:10.377Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd37\",\n \"cveCode\": \"CVE-2023-20752\",\n \"text\": \"In keymange, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826586; Issue ID: ALPS07826586.\",\n \"lastModified\": \"2023-06-09T00:23:11.670Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd3b\",\n \"cveCode\": \"CVE-2023-21095\",\n \"text\": \"In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-242704576\",\n \"lastModified\": \"2023-06-22T17:28:35.673Z\",\n \"exploitabilityScore\": 1,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd3f\",\n \"cveCode\": \"CVE-2023-21105\",\n \"text\": \"In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261036568\",\n \"lastModified\": \"2023-06-21T09:26:25.283Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd43\",\n \"cveCode\": \"CVE-2023-21108\",\n \"text\": \"In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-239414876\",\n \"lastModified\": \"2023-06-21T09:24:58.137Z\",\n \"exploitabilityScore\": 2.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"8.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd47\",\n \"cveCode\": \"CVE-2023-21122\",\n \"text\": \"In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-270050191\",\n \"lastModified\": \"2023-06-21T09:39:01.433Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd4b\",\n \"cveCode\": \"CVE-2023-21123\",\n \"text\": \"In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-270050064\",\n \"lastModified\": \"2023-06-21T09:38:59.573Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd4f\",\n \"cveCode\": \"CVE-2023-21124\",\n \"text\": \"In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265798353\",\n \"lastModified\": \"2023-06-22T10:24:49.943Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd53\",\n \"cveCode\": \"CVE-2023-21126\",\n \"text\": \"In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-271846393\",\n \"lastModified\": \"2023-06-22T11:27:44.273Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd57\",\n \"cveCode\": \"CVE-2023-21127\",\n \"text\": \"In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-275418191\",\n \"lastModified\": \"2023-06-21T09:41:33.450Z\",\n \"exploitabilityScore\": 2.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"8.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd5b\",\n \"cveCode\": \"CVE-2023-21128\",\n \"text\": \"In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-272042183\",\n \"lastModified\": \"2023-06-22T10:19:33.047Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd5f\",\n \"cveCode\": \"CVE-2023-21129\",\n \"text\": \"In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible activity launch while the app is in the background due to a BAL bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-274759612\",\n \"lastModified\": \"2023-06-22T10:10:11.927Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd63\",\n \"cveCode\": \"CVE-2023-21130\",\n \"text\": \"In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-273502002\",\n \"lastModified\": \"2023-06-22T10:09:25.883Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"9.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd67\",\n \"cveCode\": \"CVE-2023-21131\",\n \"text\": \"In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265015796\",\n \"lastModified\": \"2023-06-22T16:02:33.063Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd6b\",\n \"cveCode\": \"CVE-2023-21135\",\n \"text\": \"In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260570119\",\n \"lastModified\": \"2023-06-22T15:58:51.723Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd6f\",\n \"cveCode\": \"CVE-2023-21136\",\n \"text\": \"In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-246542285\",\n \"lastModified\": \"2023-06-21T09:41:57.187Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd73\",\n \"cveCode\": \"CVE-2023-21137\",\n \"text\": \"In several methods of JobStore.java, uncaught exceptions in job map parsing could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-246541702\",\n \"lastModified\": \"2023-06-21T11:36:52.617Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd77\",\n \"cveCode\": \"CVE-2023-21138\",\n \"text\": \"In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-273260090\",\n \"lastModified\": \"2023-06-21T10:40:38.607Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd7b\",\n \"cveCode\": \"CVE-2023-21139\",\n \"text\": \"In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-271845008\",\n \"lastModified\": \"2023-06-22T13:34:49.660Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd7f\",\n \"cveCode\": \"CVE-2023-21141\",\n \"text\": \"In several functions of several files, there is a possible way to access developer mode traces due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262244249\",\n \"lastModified\": \"2023-06-21T11:11:48.950Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd83\",\n \"cveCode\": \"CVE-2023-21142\",\n \"text\": \"In multiple files, there is a possible way to access traces in the dev mode due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-262243665\",\n \"lastModified\": \"2023-06-21T10:40:11.717Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd87\",\n \"cveCode\": \"CVE-2023-21143\",\n \"text\": \"In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-268193777\",\n \"lastModified\": \"2023-06-22T13:25:04.980Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd8b\",\n \"cveCode\": \"CVE-2023-21144\",\n \"text\": \"In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252766417\",\n \"lastModified\": \"2023-06-22T13:25:17.540Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd8f\",\n \"cveCode\": \"CVE-2022-20443\",\n \"text\": \"In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194480991\",\n \"lastModified\": \"2023-07-05T17:00:30.343Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd93\",\n \"cveCode\": \"CVE-2023-21167\",\n \"text\": \"In setProfileName of DevicePolicyManagerService.java, there is a possible way to crash the SystemUI menu due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259942964\",\n \"lastModified\": \"2023-07-05T21:26:31.923Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd97\",\n \"cveCode\": \"CVE-2023-21168\",\n \"text\": \"In convertCbYCrY of ColorConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-253270285\",\n \"lastModified\": \"2023-06-30T15:25:53.630Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd9b\",\n \"cveCode\": \"CVE-2023-21169\",\n \"text\": \"In inviteInternal of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-274443441\",\n \"lastModified\": \"2023-06-30T14:20:07.150Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fd9f\",\n \"cveCode\": \"CVE-2023-21170\",\n \"text\": \"In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-252764410\",\n \"lastModified\": \"2023-06-30T14:22:59.093Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fda3\",\n \"cveCode\": \"CVE-2023-21171\",\n \"text\": \"In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261085213\",\n \"lastModified\": \"2023-06-30T14:28:56.977Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fda7\",\n \"cveCode\": \"CVE-2023-21172\",\n \"text\": \"In multiple functions of WifiCallingSettings.java, there is a possible way to change calling preferences for the admin user due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262243015\",\n \"lastModified\": \"2023-06-30T14:34:16.583Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdab\",\n \"cveCode\": \"CVE-2023-21173\",\n \"text\": \"In multiple methods of DataUsageList.java, there is a possible way to learn about admin user's network activities due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262741858\",\n \"lastModified\": \"2023-06-30T15:21:09.053Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdaf\",\n \"cveCode\": \"CVE-2023-21174\",\n \"text\": \"In isPageSearchEnabled of BillingCycleSettings.java, there is a possible way for the guest user to change data limits due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235822222\",\n \"lastModified\": \"2023-06-30T15:22:27.157Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdb3\",\n \"cveCode\": \"CVE-2023-21175\",\n \"text\": \"In onCreate of DataUsageSummary.java, there is a possible method for a guest user to enable or disable mobile data due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262243574\",\n \"lastModified\": \"2023-06-30T15:39:31.007Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdb7\",\n \"cveCode\": \"CVE-2023-21176\",\n \"text\": \"In list_key_entries of utils.rs, there is a possible way to disable user credentials due to resource exhaustion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222287335\",\n \"lastModified\": \"2023-06-30T15:42:04.187Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdbb\",\n \"cveCode\": \"CVE-2023-21177\",\n \"text\": \"In requestAppKeyboardShortcuts of WindowManagerService.java, there is a possible way to infer the app a user is interacting with due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-273906410\",\n \"lastModified\": \"2023-06-30T15:53:25.413Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdbf\",\n \"cveCode\": \"CVE-2023-21178\",\n \"text\": \"In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-140762419\",\n \"lastModified\": \"2023-06-30T17:50:09.863Z\",\n \"exploitabilityScore\": 0.5,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdc3\",\n \"cveCode\": \"CVE-2023-21179\",\n \"text\": \"In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-272755865\",\n \"lastModified\": \"2023-06-30T17:50:41.290Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdc7\",\n \"cveCode\": \"CVE-2023-21180\",\n \"text\": \"In xmlParseTryOrFinish of parser.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261365944\",\n \"lastModified\": \"2023-07-05T21:28:29.557Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdcb\",\n \"cveCode\": \"CVE-2023-21181\",\n \"text\": \"In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-264880969\",\n \"lastModified\": \"2023-07-05T21:31:36.910Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdcf\",\n \"cveCode\": \"CVE-2023-21182\",\n \"text\": \"In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-252764175\",\n \"lastModified\": \"2023-07-05T21:29:12.937Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdd3\",\n \"cveCode\": \"CVE-2023-21183\",\n \"text\": \"In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235863754\",\n \"lastModified\": \"2023-07-05T21:33:37.963Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdd7\",\n \"cveCode\": \"CVE-2023-21184\",\n \"text\": \"In getCurrentPrivilegedPackagesForAllUsers of CarrierPrivilegesTracker.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-267809568\",\n \"lastModified\": \"2023-07-05T17:07:32.573Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fddb\",\n \"cveCode\": \"CVE-2023-21185\",\n \"text\": \"In multiple functions of WifiNetworkFactory.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-266700762\",\n \"lastModified\": \"2023-07-05T17:06:43.733Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fddf\",\n \"cveCode\": \"CVE-2023-21186\",\n \"text\": \"In LogResponse of Dns.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261079188\",\n \"lastModified\": \"2023-07-05T17:05:40.533Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fde3\",\n \"cveCode\": \"CVE-2023-21187\",\n \"text\": \"In onCreate of UsbAccessoryUriActivity.java, there is a possible way to escape the Setup Wizard due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246542917\",\n \"lastModified\": \"2023-07-05T16:46:39.883Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fde7\",\n \"cveCode\": \"CVE-2023-21188\",\n \"text\": \"In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-264624283\",\n \"lastModified\": \"2023-07-05T16:42:24.047Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdeb\",\n \"cveCode\": \"CVE-2023-21189\",\n \"text\": \"In startLockTaskMode of LockTaskController.java, there is a possible bypass of lock task mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-213942596\",\n \"lastModified\": \"2023-07-05T16:59:00.037Z\",\n \"exploitabilityScore\": 1.3,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdef\",\n \"cveCode\": \"CVE-2023-21190\",\n \"text\": \"In btm_acl_encrypt_change of btm_acl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251436534\",\n \"lastModified\": \"2023-07-05T16:58:36.420Z\",\n \"exploitabilityScore\": 1.3,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdf3\",\n \"cveCode\": \"CVE-2023-21191\",\n \"text\": \"In fixNotification of NotificationManagerService.java, there is a possible bypass of notification hide preference due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-269738057\",\n \"lastModified\": \"2023-07-05T16:54:48.317Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdf7\",\n \"cveCode\": \"CVE-2023-21192\",\n \"text\": \"In setInputMethodWithSubtypeIdLocked of InputMethodManagerService.java, there is a possible way to setup input methods that are not enabled due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227207653\",\n \"lastModified\": \"2023-07-05T16:54:14.977Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdfb\",\n \"cveCode\": \"CVE-2023-21193\",\n \"text\": \"In VideoFrame of VideoFrame.h, there is a possible abort due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233006499\",\n \"lastModified\": \"2023-07-05T16:52:35.483Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fdff\",\n \"cveCode\": \"CVE-2023-21194\",\n \"text\": \"In gatt_dbg_op_name of gatt_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260079141\",\n \"lastModified\": \"2023-07-05T17:10:57.323Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe03\",\n \"cveCode\": \"CVE-2023-21195\",\n \"text\": \"In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233879420\",\n \"lastModified\": \"2023-07-05T15:55:24.387Z\",\n \"exploitabilityScore\": 0.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe07\",\n \"cveCode\": \"CVE-2023-21196\",\n \"text\": \"In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261857395\",\n \"lastModified\": \"2023-07-05T15:57:24.927Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe0b\",\n \"cveCode\": \"CVE-2023-21197\",\n \"text\": \"In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251427561\",\n \"lastModified\": \"2023-07-05T16:05:40.793Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe0f\",\n \"cveCode\": \"CVE-2023-21198\",\n \"text\": \"In remove_sdp_record of btif_sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245517503\",\n \"lastModified\": \"2023-07-05T16:08:07.660Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe13\",\n \"cveCode\": \"CVE-2023-21199\",\n \"text\": \"In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961\",\n \"lastModified\": \"2023-07-05T16:12:07.917Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe17\",\n \"cveCode\": \"CVE-2023-21200\",\n \"text\": \"In on_remove_iso_data_path of btm_iso_impl.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236688764\",\n \"lastModified\": \"2023-07-05T16:15:27.017Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe1b\",\n \"cveCode\": \"CVE-2023-21201\",\n \"text\": \"In on_create_record_event of btif_sdp_server.cc, there is a possible out of bounds read due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-263545186\",\n \"lastModified\": \"2023-07-05T16:16:48.690Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe1f\",\n \"cveCode\": \"CVE-2023-21202\",\n \"text\": \"In btm_delete_stored_link_key_complete of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568359\",\n \"lastModified\": \"2023-07-05T16:18:33.540Z\",\n \"exploitabilityScore\": 0.9,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe23\",\n \"cveCode\": \"CVE-2023-21203\",\n \"text\": \"In startWpsPbcInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262246082\",\n \"lastModified\": \"2023-07-05T16:45:57.943Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe27\",\n \"cveCode\": \"CVE-2023-21204\",\n \"text\": \"In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262246231\",\n \"lastModified\": \"2023-07-05T16:49:22.747Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe2b\",\n \"cveCode\": \"CVE-2023-21205\",\n \"text\": \"In startWpsPinDisplayInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245376\",\n \"lastModified\": \"2023-07-05T17:04:04.573Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe2f\",\n \"cveCode\": \"CVE-2023-21206\",\n \"text\": \"In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245630\",\n \"lastModified\": \"2023-07-05T17:04:02.357Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe33\",\n \"cveCode\": \"CVE-2023-21207\",\n \"text\": \"In initiateTdlsSetupInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236670\",\n \"lastModified\": \"2023-07-05T17:04:52.277Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe37\",\n \"cveCode\": \"CVE-2023-21208\",\n \"text\": \"In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245254\",\n \"lastModified\": \"2023-07-05T17:05:19.113Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe3b\",\n \"cveCode\": \"CVE-2023-21209\",\n \"text\": \"In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236273\",\n \"lastModified\": \"2023-07-05T17:06:09.567Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe3f\",\n \"cveCode\": \"CVE-2023-21210\",\n \"text\": \"In initiateHs20IconQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236331\",\n \"lastModified\": \"2023-07-05T21:36:42.483Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe43\",\n \"cveCode\": \"CVE-2023-21211\",\n \"text\": \"In multiple files, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262235998\",\n \"lastModified\": \"2023-07-05T21:40:07.350Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe47\",\n \"cveCode\": \"CVE-2023-21212\",\n \"text\": \"In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236031\",\n \"lastModified\": \"2023-07-06T09:34:10.657Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe4b\",\n \"cveCode\": \"CVE-2023-21213\",\n \"text\": \"In initiateTdlsTeardownInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262235951\",\n \"lastModified\": \"2023-07-06T09:33:48.017Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe4f\",\n \"cveCode\": \"CVE-2023-21214\",\n \"text\": \"In addGroupWithConfigInternal of p2p_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262235736\",\n \"lastModified\": \"2023-07-06T09:33:31.707Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe53\",\n \"cveCode\": \"CVE-2023-21237\",\n \"text\": \"In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insufficient UI. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251586912\",\n \"lastModified\": \"2023-07-06T09:36:10.137Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe57\",\n \"cveCode\": \"CVE-2023-20748\",\n \"text\": \"In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07536951; Issue ID: ALPS07536951.\",\n \"lastModified\": \"2023-07-07T20:24:46.117Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe5b\",\n \"cveCode\": \"CVE-2023-20753\",\n \"text\": \"In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue ID: ALPS07588667.\",\n \"lastModified\": \"2023-07-07T20:25:20.373Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe5f\",\n \"cveCode\": \"CVE-2023-20754\",\n \"text\": \"In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07588343.\",\n \"lastModified\": \"2023-07-07T20:26:37.327Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe63\",\n \"cveCode\": \"CVE-2023-20755\",\n \"text\": \"In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07509605.\",\n \"lastModified\": \"2023-07-07T18:08:18.937Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe67\",\n \"cveCode\": \"CVE-2023-20756\",\n \"text\": \"In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07549928.\",\n \"lastModified\": \"2023-07-07T18:07:26.080Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe6b\",\n \"cveCode\": \"CVE-2023-20757\",\n \"text\": \"In cmdq, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636133.\",\n \"lastModified\": \"2023-07-09T22:55:11.430Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe6f\",\n \"cveCode\": \"CVE-2023-20758\",\n \"text\": \"In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07636130.\",\n \"lastModified\": \"2023-07-09T22:55:02.297Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe73\",\n \"cveCode\": \"CVE-2023-20759\",\n \"text\": \"In cmdq, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07636133; Issue ID: ALPS07634601.\",\n \"lastModified\": \"2023-07-09T22:54:49.917Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe77\",\n \"cveCode\": \"CVE-2023-20760\",\n \"text\": \"In apu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629578; Issue ID: ALPS07629578.\",\n \"lastModified\": \"2023-07-09T22:54:34.707Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe7b\",\n \"cveCode\": \"CVE-2023-20761\",\n \"text\": \"In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628604; Issue ID: ALPS07628582.\",\n \"lastModified\": \"2023-07-09T22:59:23.667Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe7f\",\n \"cveCode\": \"CVE-2023-20766\",\n \"text\": \"In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573237; Issue ID: ALPS07573202.\",\n \"lastModified\": \"2023-07-09T22:59:15.053Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe83\",\n \"cveCode\": \"CVE-2023-20767\",\n \"text\": \"In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629584.\",\n \"lastModified\": \"2023-07-09T22:56:12.273Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe87\",\n \"cveCode\": \"CVE-2023-20772\",\n \"text\": \"In vow, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441796; Issue ID: ALPS07441796.\",\n \"lastModified\": \"2023-07-09T23:01:43.217Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe8b\",\n \"cveCode\": \"CVE-2023-20773\",\n \"text\": \"In vow, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07611449; Issue ID: ALPS07441735.\",\n \"lastModified\": \"2023-07-09T23:01:28.903Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe8f\",\n \"cveCode\": \"CVE-2023-20774\",\n \"text\": \"In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292228; Issue ID: ALPS07292228.\",\n \"lastModified\": \"2023-07-09T23:01:05.343Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe93\",\n \"cveCode\": \"CVE-2023-20775\",\n \"text\": \"In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07978760; Issue ID: ALPS07363410.\",\n \"lastModified\": \"2023-07-09T23:00:23.110Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"6.7\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe97\",\n \"cveCode\": \"CVE-2023-30678\",\n \"text\": \"Potential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file.\",\n \"lastModified\": \"2023-07-12T21:39:28.843Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe9b\",\n \"cveCode\": \"CVE-2022-48451\",\n \"text\": \"In bluetooth service, there is a possible out of bounds write due to race condition. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-07-19T13:52:34.120Z\",\n \"exploitabilityScore\": 0.5,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fe9f\",\n \"cveCode\": \"CVE-2023-30913\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T12:49:19.733Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fea3\",\n \"cveCode\": \"CVE-2023-30916\",\n \"text\": \"In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-07-19T13:39:50.000Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fea7\",\n \"cveCode\": \"CVE-2023-30917\",\n \"text\": \"In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-07-19T13:39:52.580Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6feab\",\n \"cveCode\": \"CVE-2023-30918\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T13:39:55.277Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6feaf\",\n \"cveCode\": \"CVE-2023-30919\",\n \"text\": \"In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T13:33:01.817Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6feb3\",\n \"cveCode\": \"CVE-2023-30920\",\n \"text\": \"In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T13:33:28.653Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6feb7\",\n \"cveCode\": \"CVE-2023-30921\",\n \"text\": \"In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T13:44:06.077Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6febb\",\n \"cveCode\": \"CVE-2023-30922\",\n \"text\": \"In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T13:40:01.970Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6febf\",\n \"cveCode\": \"CVE-2023-30923\",\n \"text\": \"In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T13:39:59.927Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fec3\",\n \"cveCode\": \"CVE-2023-30924\",\n \"text\": \"In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T13:40:04.407Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fec7\",\n \"cveCode\": \"CVE-2023-30925\",\n \"text\": \"In opm service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T13:40:07.203Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fecb\",\n \"cveCode\": \"CVE-2023-30926\",\n \"text\": \"In opm service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T13:42:46.443Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fecf\",\n \"cveCode\": \"CVE-2023-30927\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T13:40:12.373Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fed3\",\n \"cveCode\": \"CVE-2023-30928\",\n \"text\": \"In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-07-19T22:26:16.403Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fed7\",\n \"cveCode\": \"CVE-2023-30929\",\n \"text\": \"In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\",\n \"lastModified\": \"2023-07-19T15:19:37.593Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fedb\",\n \"cveCode\": \"CVE-2023-30930\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T15:21:48.567Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fedf\",\n \"cveCode\": \"CVE-2023-30931\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T15:25:47.867Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fee3\",\n \"cveCode\": \"CVE-2023-30932\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T20:59:14.670Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fee7\",\n \"cveCode\": \"CVE-2023-30933\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T21:03:36.287Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6feeb\",\n \"cveCode\": \"CVE-2023-30934\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T21:14:03.677Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6feef\",\n \"cveCode\": \"CVE-2023-30935\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T21:17:56.880Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fef3\",\n \"cveCode\": \"CVE-2023-30936\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T22:17:35.127Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fef7\",\n \"cveCode\": \"CVE-2023-30937\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T22:16:05.337Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6fefb\",\n \"cveCode\": \"CVE-2023-30938\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T22:25:49.427Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6feff\",\n \"cveCode\": \"CVE-2023-30939\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T22:26:36.267Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff03\",\n \"cveCode\": \"CVE-2023-30940\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T22:23:12.603Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff07\",\n \"cveCode\": \"CVE-2023-30941\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-19T22:20:32.973Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff0b\",\n \"cveCode\": \"CVE-2023-30942\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:32:10.067Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff0f\",\n \"cveCode\": \"CVE-2023-32788\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:32:20.717Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff13\",\n \"cveCode\": \"CVE-2023-32789\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:32:33.757Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff17\",\n \"cveCode\": \"CVE-2023-33879\",\n \"text\": \"In music service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-20T09:55:16.117Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 1.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"3.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff1b\",\n \"cveCode\": \"CVE-2023-33880\",\n \"text\": \"In music service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-20T10:03:28.540Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 1.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"3.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff1f\",\n \"cveCode\": \"CVE-2023-33881\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:32:56.513Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff23\",\n \"cveCode\": \"CVE-2023-33882\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:33:16.820Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff27\",\n \"cveCode\": \"CVE-2023-33883\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:33:34.787Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff2b\",\n \"cveCode\": \"CVE-2023-33884\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:33:52.840Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff2f\",\n \"cveCode\": \"CVE-2023-33885\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:34:16.937Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff33\",\n \"cveCode\": \"CVE-2023-33886\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:34:33.693Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff37\",\n \"cveCode\": \"CVE-2023-33887\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:34:53.757Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff3b\",\n \"cveCode\": \"CVE-2023-33888\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:35:25.057Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff3f\",\n \"cveCode\": \"CVE-2023-33889\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:27:02.560Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff43\",\n \"cveCode\": \"CVE-2023-33890\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:27:25.530Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff47\",\n \"cveCode\": \"CVE-2023-33891\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:27:44.160Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff4b\",\n \"cveCode\": \"CVE-2023-33892\",\n \"text\": \"In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:28:02.340Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff4f\",\n \"cveCode\": \"CVE-2023-33893\",\n \"text\": \"In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:28:11.250Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff53\",\n \"cveCode\": \"CVE-2023-33894\",\n \"text\": \"In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:28:25.547Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff57\",\n \"cveCode\": \"CVE-2023-33895\",\n \"text\": \"In fastDial service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T19:04:23.683Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff5b\",\n \"cveCode\": \"CVE-2023-33896\",\n \"text\": \"In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-07-18T19:42:48.283Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff5f\",\n \"cveCode\": \"CVE-2023-33897\",\n \"text\": \"In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-07-18T19:43:00.650Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff63\",\n \"cveCode\": \"CVE-2023-33898\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T19:43:41.843Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff67\",\n \"cveCode\": \"CVE-2023-33899\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:28:43.857Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff6b\",\n \"cveCode\": \"CVE-2023-33900\",\n \"text\": \"In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.\",\n \"lastModified\": \"2023-07-18T20:23:22.387Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff6f\",\n \"cveCode\": \"CVE-2023-33903\",\n \"text\": \"In FM service, there is a possible missing params check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-07-19T22:06:29.007Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff73\",\n \"cveCode\": \"CVE-2023-33905\",\n \"text\": \"In iwnpi server, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\",\n \"lastModified\": \"2023-07-19T22:01:40.953Z\",\n \"exploitabilityScore\": 0.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"4.4\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff77\",\n \"cveCode\": \"CVE-2023-20918\",\n \"text\": \"In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T14:32:46.967Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"9.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff7b\",\n \"cveCode\": \"CVE-2023-20942\",\n \"text\": \"In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T14:12:56.930Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff7f\",\n \"cveCode\": \"CVE-2023-21145\",\n \"text\": \"In updatePictureInPictureMode of ActivityRecord.java, there is a possible bypass of background launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T14:31:22.643Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff83\",\n \"cveCode\": \"CVE-2023-21238\",\n \"text\": \"In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T14:31:59.637Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff87\",\n \"cveCode\": \"CVE-2023-21239\",\n \"text\": \"In visitUris of Notification.java, there is a possible way to leak image data across user boundaries due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T14:32:14.360Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff8b\",\n \"cveCode\": \"CVE-2023-21240\",\n \"text\": \"In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T13:05:18.047Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff8f\",\n \"cveCode\": \"CVE-2023-21241\",\n \"text\": \"In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T13:05:58.603Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff93\",\n \"cveCode\": \"CVE-2023-21243\",\n \"text\": \"In validateForCommonR1andR2 of PasspointConfiguration.java, there is a possible way to inflate the size of a config file with no limits due to a buffer overflow. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T13:06:21.863Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff97\",\n \"cveCode\": \"CVE-2023-21245\",\n \"text\": \"In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a possible way to access the lock screen during device setup due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T12:42:10.183Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff9b\",\n \"cveCode\": \"CVE-2023-21246\",\n \"text\": \"In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T12:46:17.067Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 1.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"3.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ff9f\",\n \"cveCode\": \"CVE-2023-21247\",\n \"text\": \"In getAvailabilityStatus of BluetoothScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T12:48:21.930Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ffa3\",\n \"cveCode\": \"CVE-2023-21248\",\n \"text\": \"In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T12:35:34.197Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ffa7\",\n \"cveCode\": \"CVE-2023-21249\",\n \"text\": \"In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T12:36:54.813Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ffab\",\n \"cveCode\": \"CVE-2023-21250\",\n \"text\": \"In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T12:37:24.000Z\",\n \"exploitabilityScore\": 3.9,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"9.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ffaf\",\n \"cveCode\": \"CVE-2023-21251\",\n \"text\": \"In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T11:18:16.247Z\",\n \"exploitabilityScore\": 1.3,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.3\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ffb3\",\n \"cveCode\": \"CVE-2023-21254\",\n \"text\": \"In getCurrentState of OneTimePermissionUserManager.java, there is a possible way to hold one-time permissions after the app is being killed due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T11:59:19.453Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ffb7\",\n \"cveCode\": \"CVE-2023-21256\",\n \"text\": \"In SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities via Settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-25T12:00:52.077Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ffbb\",\n \"cveCode\": \"CVE-2023-21257\",\n \"text\": \"In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-20T16:16:58.023Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 5.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"7.8\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ffbf\",\n \"cveCode\": \"CVE-2023-21262\",\n \"text\": \"In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation.\\n\\n\",\n \"lastModified\": \"2023-07-20T14:17:41.280Z\",\n \"exploitabilityScore\": 1.6,\n \"impactScore\": 1.4,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"3.1\",\n \"__v\": 0\n },\n {\n \"_id\": \"64dbe7a9657f6984f8b6ffc3\",\n \"cveCode\": \"CVE-2023-21260\",\n \"text\": \"In notification access permission dialog box, malicious application can embedded a very long service label that overflow the original user prompt and possibly contains mis-leading information to be appeared as a system message for user confirmation.\\n\\n\",\n \"lastModified\": \"2023-07-20T15:34:40.987Z\",\n \"exploitabilityScore\": 1.8,\n \"impactScore\": 3.6,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV31\",\n \"baseScore\": \"5.5\",\n \"__v\": 0\n }\n ],\n \"cpeTitle\": \"Google Android 13.0\"\n}"},{"id":"a679aa58-5e9c-49b9-8ccc-0d929dc3a9f1","name":"unsuccessfull get new cves of a cpe with wrong cpeNameId","originalRequest":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NGRiZTdhMzY1N2Y2OTg0ZjhiNmViYzkiLCJ1c2VybmFtZSI6Inlhc2luIiwiaWF0IjoxNjkyMzUwMTMzfQ.YPoA4oPtazZ4zqnSK_l5V-8XrRONL8PxsUg6BX8plaU","type":"text"}],"url":"http://localhost:3001/my-cpes/36DB42C7-1317-4784-A679-73C7C8BC/new-cves"},"status":"Not Found","code":404,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"78"},{"key":"ETag","value":"W/\"4e-0b5grkx/na29CY+twQJk9QeJrfQ\""},{"key":"Date","value":"Fri, 18 Aug 2023 11:08:53 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"برنامه مورد نظر پیدا نشد.\",\n \"type\": \"cpeNotFound\"\n}"}],"_postman_id":"382b6093-af66-4e9c-9dc9-557d27b807ce"},{"name":"getting a specific cve of a specific cpe","id":"f494de2a-c6a0-4ed6-865e-5b894c70d0a0","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NDU1NWQ1YmI4MDk2ZDNjMjNlYTlmMGYiLCJ1c2VybmFtZSI6ImphZmFyIiwiaWF0IjoxNjg3OTYwMzc3fQ.GkCNucTH27w6tVzTGwGDK9NH71koO0qb4rpbcyOuLys","type":"text"}],"url":"http://localhost:3001/my-cpes//cves/","description":"format of url address must be:
\n/cpe/${CPE-id}/new-CVEs\n\n
StartFragment
\nEndFragment
\n","urlObject":{"protocol":"http","port":"3001","path":["my-cpes","","cves",""],"host":["localhost"],"query":[],"variable":[]}},"response":[{"id":"55fb6ea5-0ae8-48be-bb1e-29062142859b","name":"getting a specific cve of a specific cpe","originalRequest":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NDU1NWQ1YmI4MDk2ZDNjMjNlYTlmMGYiLCJ1c2VybmFtZSI6ImphZmFyIiwiaWF0IjoxNjg3OTYwMzc3fQ.GkCNucTH27w6tVzTGwGDK9NH71koO0qb4rpbcyOuLys","type":"text"}],"url":"http://localhost:3001/my-cpes/FCBDF01A-4A03-4B06-9E69-D9A7A854BF9D/cves/CVE-1999-0717"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"310"},{"key":"ETag","value":"W/\"136-/kn9IWeIdWLgtwZxT6G+FKSRYJg\""},{"key":"Date","value":"Fri, 18 Aug 2023 11:22:20 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"_id\": \"64dc9f472b505e704f0f29ec\",\n \"cveCode\": \"CVE-1999-0717\",\n \"text\": \"A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.\",\n \"lastModified\": \"2018-10-12T17:59:09.077Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 2.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"2.6\",\n \"__v\": 0\n}"},{"id":"77115452-3606-472e-91d9-3a37eb8f7f22","name":"getting a specific cve of a specific cpe with wrong cveCode","originalRequest":{"method":"GET","header":[{"key":"x-auth-token","value":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2NDU1NWQ1YmI4MDk2ZDNjMjNlYTlmMGYiLCJ1c2VybmFtZSI6ImphZmFyIiwiaWF0IjoxNjg3OTYwMzc3fQ.GkCNucTH27w6tVzTGwGDK9NH71koO0qb4rpbcyOuLys","type":"text"}],"url":"http://localhost:3001/my-cpes/FCBDF01A-4A03-4B06-9E69-D9A7A854BF9D/cves/CVE-1999-0717"},"status":"OK","code":200,"_postman_previewlanguage":"json","header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"310"},{"key":"ETag","value":"W/\"136-/kn9IWeIdWLgtwZxT6G+FKSRYJg\""},{"key":"Date","value":"Fri, 18 Aug 2023 11:22:20 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"_id\": \"64dc9f472b505e704f0f29ec\",\n \"cveCode\": \"CVE-1999-0717\",\n \"text\": \"A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.\",\n \"lastModified\": \"2018-10-12T17:59:09.077Z\",\n \"exploitabilityScore\": 4.9,\n \"impactScore\": 2.9,\n \"source\": \"nvd@nist.gov\",\n \"format\": \"cvssMetricV2\",\n \"baseScore\": \"2.6\",\n \"__v\": 0\n}"}],"_postman_id":"f494de2a-c6a0-4ed6-865e-5b894c70d0a0"}],"id":"6cfdaccf-2a32-4736-b381-e584342cc842","_postman_id":"6cfdaccf-2a32-4736-b381-e584342cc842","description":""}]}