Filtered by vendor Google
Subscribe
Total
10294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21746 | 2 Google, Mediatek | 17 Android, Mt6771, Mt6779 and 14 more | 2022-06-13 | 2.1 LOW | 4.4 MEDIUM |
| In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479698; Issue ID: ALPS06479698. | |||||
| CVE-2022-21745 | 2 Google, Mediatek | 44 Android, Mt6761, Mt6762 and 41 more | 2022-06-13 | 8.3 HIGH | 8.8 HIGH |
| In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872. | |||||
| CVE-2022-30727 | 1 Google | 1 Android | 2022-06-10 | 2.1 LOW | 5.5 MEDIUM |
| Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in PersonaManagerService prior to SMR Jun-2022 Release 1 allows local attackers to set some setting value in work space. | |||||
| CVE-2022-30728 | 1 Google | 1 Android | 2022-06-10 | 2.1 LOW | 3.3 LOW |
| Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information. | |||||
| CVE-2022-30726 | 1 Google | 1 Android | 2022-06-10 | 4.6 MEDIUM | 7.8 HIGH |
| Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SMR Jun-2022 Release 1 allows local attackers to launch activities of SecSettingsIntelligence. | |||||
| CVE-2022-30729 | 1 Google | 1 Android | 2022-06-10 | 2.1 LOW | 4.6 MEDIUM |
| Implicit Intent hijacking vulnerability in Settings prior to SMR Jun-2022 Release 1 allows attackers to get Wi-Fi SSID and password via a malicious QR code scanner. | |||||
| CVE-2022-30723 | 1 Google | 1 Android | 2022-06-10 | 3.3 LOW | 4.3 MEDIUM |
| Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||||
| CVE-2022-30724 | 1 Google | 1 Android | 2022-06-10 | 3.3 LOW | 4.3 MEDIUM |
| Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionCompleted function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||||
| CVE-2022-30722 | 1 Google | 1 Android | 2022-06-10 | 7.5 HIGH | 9.8 CRITICAL |
| Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account. | |||||
| CVE-2022-30725 | 1 Google | 1 Android | 2022-06-10 | 3.3 LOW | 4.3 MEDIUM |
| Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||||
| CVE-2022-30721 | 1 Google | 1 Android | 2022-06-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash. | |||||
| CVE-2022-30720 | 1 Google | 1 Android | 2022-06-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash. | |||||
| CVE-2022-30719 | 1 Google | 1 Android | 2022-06-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash. | |||||
| CVE-2022-30717 | 1 Google | 1 Android | 2022-06-10 | 5.0 MEDIUM | 7.5 HIGH |
| Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink. | |||||
| CVE-2022-30716 | 1 Google | 1 Android | 2022-06-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 allows untrusted applications to access toast message information from device. | |||||
| CVE-2022-30714 | 1 Google | 1 Android | 2022-06-10 | 2.1 LOW | 3.3 LOW |
| Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information. | |||||
| CVE-2022-30715 | 1 Google | 1 Android | 2022-06-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window. | |||||
| CVE-2022-30712 | 1 Google | 1 Android | 2022-06-10 | 6.4 MEDIUM | 9.1 CRITICAL |
| Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities. | |||||
| CVE-2022-30713 | 1 Google | 1 Android | 2022-06-10 | 9.4 HIGH | 9.1 CRITICAL |
| Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities. | |||||
| CVE-2022-30711 | 1 Google | 1 Android | 2022-06-10 | 9.4 HIGH | 9.1 CRITICAL |
| Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities. | |||||