Filtered by vendor Google
Subscribe
Total
12910 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20443 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194480991 | |||||
| CVE-2022-20440 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259918 | |||||
| CVE-2022-20439 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized provider, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242266172 | |||||
| CVE-2022-20438 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259920 | |||||
| CVE-2022-20437 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242258929 | |||||
| CVE-2022-20436 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| There is an unauthorized service in the system service. Since the component does not have permission check, resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242248369 | |||||
| CVE-2022-20435 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| There is a Unauthorized service in the system service, may cause the system reboot. Since the component does not have permission check and permission protection, resulting in EoP problem.Product: AndroidVersions: Android SoCAndroid ID: A-242248367 | |||||
| CVE-2022-20434 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| There is an missing authorization issue in the system service. Since the component does not have permission check , resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242244028 | |||||
| CVE-2022-20433 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| There is an missing authorization issue in the system service. Since the component does not have permission check , resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242221901 | |||||
| CVE-2022-20432 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| There is an missing authorization issue in the system service. Since the component does not have permission check and permission protection,, resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242221899 | |||||
| CVE-2022-20431 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| There is an missing authorization issue in the system service. Since the component does not have permission check , resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242221238 | |||||
| CVE-2022-20430 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| There is an missing authorization issue in the system service. Since the component does not have permission check , resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242221233 | |||||
| CVE-2022-20429 | 1 Google | 1 Android | 2024-11-21 | N/A | 8.8 HIGH |
| In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220741473 | |||||
| CVE-2022-20425 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of performance due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-235823407 | |||||
| CVE-2022-20423 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.6 MEDIUM |
| In rndis_set_response of rndis.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239842288References: Upstream kernel | |||||
| CVE-2022-20422 | 2 Debian, Google | 2 Debian Linux, Android | 2024-11-21 | N/A | 7.0 HIGH |
| In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel | |||||
| CVE-2022-20421 | 2 Debian, Google | 2 Debian Linux, Android | 2024-11-21 | N/A | 7.8 HIGH |
| In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel | |||||
| CVE-2022-20420 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In getBackgroundRestrictionExemptionReason of AppRestrictionController.java, there is a possible way to bypass device policy restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238377411 | |||||
| CVE-2022-20419 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In setOptions of ActivityRecord.java, there is a possible load any arbitrary Java code into launcher process due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-237290578 | |||||
| CVE-2022-20418 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
| In pickStartSeq of AAVCAssembler.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-231986464 | |||||