Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
8771 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-20209 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-207502397 | ||||
| CVE-2022-20208 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In parseRecursively of cppbor_parse.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-192743373 | ||||
| CVE-2022-20207 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In static definitions of GattServiceConfig.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185513714 | ||||
| CVE-2022-20206 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220737634 | ||||
| CVE-2022-20205 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215212561 | ||||
| CVE-2022-20204 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-171495100 | ||||
| CVE-2022-20203 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege,with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-20202 | 1 Google | 1 Android | 2024-11-21 | 6.5 Medium |
| In ih264_resi_trans_quant_4x4_sse42 of ih264_resi_trans_quant_sse42.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-204704614 | ||||
| CVE-2022-20201 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220733817 | ||||
| CVE-2022-20200 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212695058 | ||||
| CVE-2022-20198 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC stack with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-221851879 | ||||
| CVE-2022-20197 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-208279300 | ||||
| CVE-2022-20196 | 1 Google | 1 Android | 2024-11-21 | 5.0 Medium |
| In gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201535148 | ||||
| CVE-2022-20195 | 1 Google | 1 Android | 2024-11-21 | 5.0 Medium |
| In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-213172664 | ||||
| CVE-2022-20194 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onCreate of ChooseLockGeneric.java, there is a possible permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-222684510 | ||||
| CVE-2022-20193 | 1 Google | 1 Android | 2024-11-21 | 7.3 High |
| In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212434116 | ||||
| CVE-2022-20192 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In grantEmbeddedWindowFocus of WindowManagerService.java, there is a possible way to change an input channel for embedded hierarchy due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215912712 | ||||
| CVE-2022-20191 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Product: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A | ||||
| CVE-2022-20190 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A | ||||
| CVE-2022-20188 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A | ||||