Total
7791 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-47339 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-08-08 | N/A | 6.7 MEDIUM |
| In cmd services, there is a OS command injection issue due to missing permission check. This could lead to local escalation of privilege with system execution privileges needed. | |||||
| CVE-2021-0964 | 1 Google | 1 Android | 2023-08-08 | 7.1 HIGH | 6.5 MEDIUM |
| In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-193363621 | |||||
| CVE-2021-0946 | 1 Google | 1 Android | 2023-08-08 | N/A | 7.5 HIGH |
| The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. The method PMR_PDumpSymbolicAddr may fail, and if it does the buffer will be left uninitialized and despite the error will still be copied to userspace. Kernel leak of uninitialized heap data with no privs required.Product: AndroidVersions: Android SoCAndroid ID: A-236846966 | |||||
| CVE-2021-0679 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2023-08-08 | 4.6 MEDIUM | 6.7 MEDIUM |
| In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05687781. | |||||
| CVE-2022-20349 | 1 Google | 1 Android | 2023-08-08 | N/A | 7.8 HIGH |
| In WifiScanningPreferenceController and BluetoothScanningPreferenceController, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228315522 | |||||
| CVE-2022-20491 | 1 Google | 1 Android | 2023-08-08 | N/A | 7.8 HIGH |
| In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703556 | |||||
| CVE-2022-20259 | 1 Google | 1 Android | 2023-08-08 | N/A | 5.5 MEDIUM |
| In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-221431393 | |||||
| CVE-2022-32634 | 2 Google, Mediatek | 31 Android, Mt6761, Mt6765 and 28 more | 2023-08-08 | N/A | 6.7 MEDIUM |
| In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646. | |||||
| CVE-2022-20341 | 1 Google | 1 Android | 2023-08-08 | N/A | 5.5 MEDIUM |
| In ConnectivityService, there is a possible bypass of network permissions due to a missing permission check. This could lead to local information disclosure of tethering interfaces with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-162952629 | |||||
| CVE-2022-32641 | 2 Google, Mediatek | 57 Android, Mt6580, Mt6731 and 54 more | 2023-08-08 | N/A | 6.7 MEDIUM |
| In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594. | |||||
| CVE-2022-20070 | 2 Google, Mediatek | 48 Android, Mt6731, Mt6732 and 45 more | 2023-08-08 | 4.6 MEDIUM | 6.7 MEDIUM |
| In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06362920; Issue ID: ALPS06362920. | |||||
| CVE-2021-0900 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2023-08-08 | 2.1 LOW | 4.4 MEDIUM |
| In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672055. | |||||
| CVE-2022-20326 | 1 Google | 1 Android | 2023-08-08 | N/A | 5.5 MEDIUM |
| In Telephony, there is a possible disclosure of SIM identifiers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185235527 | |||||
| CVE-2022-20414 | 1 Google | 1 Android | 2023-08-08 | N/A | 5.5 MEDIUM |
| In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-234441463 | |||||
| CVE-2022-20445 | 1 Google | 1 Android | 2023-08-08 | N/A | 7.5 HIGH |
| In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-225876506 | |||||
| CVE-2022-32630 | 2 Google, Mediatek | 6 Android, Mt6789, Mt6855 and 3 more | 2023-08-08 | N/A | 6.7 MEDIUM |
| In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405966; Issue ID: ALPS07405966. | |||||
| CVE-2022-32603 | 2 Google, Mediatek | 7 Android, Mt6879, Mt6893 and 4 more | 2023-08-08 | N/A | 6.7 MEDIUM |
| In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310704; Issue ID: ALPS07310704. | |||||
| CVE-2021-39688 | 1 Google | 1 Android | 2023-08-08 | 2.1 LOW | 5.5 MEDIUM |
| In TBD of TBD, there is a possible out of bounds read due to TBD. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206039140References: N/A | |||||
| CVE-2022-20311 | 1 Google | 1 Android | 2023-08-08 | N/A | 3.3 LOW |
| In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192663553 | |||||
| CVE-2022-20172 | 1 Google | 1 Android | 2023-08-08 | 2.1 LOW | 5.5 MEDIUM |
| In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206987222References: N/A | |||||