Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20322 | 1 Google | 1 Android | 2022-08-18 | N/A | 5.5 MEDIUM |
| In PackageManager, there is a possible installed package disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176993 | |||||
| CVE-2022-20321 | 1 Google | 1 Android | 2022-08-18 | N/A | 3.3 LOW |
| In Settings, there is a possible way for an application without permissions to read content of WiFi QR codes due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176859 | |||||
| CVE-2022-20319 | 1 Google | 1 Android | 2022-08-18 | N/A | 7.8 HIGH |
| In DreamServices, there is a possible way to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-189574230 | |||||
| CVE-2022-33991 | 1 Dproxy-nexgen Project | 1 Dproxy-nexgen | 2022-08-18 | N/A | 5.3 MEDIUM |
| dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers. | |||||
| CVE-2022-20329 | 1 Google | 1 Android | 2022-08-18 | N/A | 7.8 HIGH |
| In Wifi, there is a possible way to enable Wifi without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-183410556 | |||||
| CVE-2022-20280 | 1 Google | 1 Android | 2022-08-18 | N/A | 3.3 LOW |
| In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-204117261 | |||||
| CVE-2022-35434 | 1 Jpeg Quant Smooth Project | 1 Jpeg Quant Smooth | 2022-08-18 | N/A | 5.5 MEDIUM |
| jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg-quantsmooth/jpegqs+0x4f5d6c. | |||||
| CVE-2022-36139 | 1 Swfmill | 1 Swfmill | 2022-08-18 | N/A | 7.8 HIGH |
| SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Writer::writeByte(unsigned char). | |||||
| CVE-2022-36142 | 1 Swfmill | 1 Swfmill | 2022-08-18 | N/A | 7.8 HIGH |
| SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Reader::getU30(). | |||||
| CVE-2022-36141 | 1 Swfmill | 1 Swfmill | 2022-08-18 | N/A | 5.5 MEDIUM |
| SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::MethodBody::write(SWF::Writer*, SWF::Context*). | |||||
| CVE-2022-36140 | 1 Swfmill | 1 Swfmill | 2022-08-18 | N/A | 5.5 MEDIUM |
| SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::DeclareFunction2::write(SWF::Writer*, SWF::Context*). | |||||
| CVE-2022-36143 | 1 Swfmill | 1 Swfmill | 2022-08-18 | N/A | 7.8 HIGH |
| SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via __interceptor_strlen.part at /sanitizer_common/sanitizer_common_interceptors.inc. | |||||
| CVE-2022-36145 | 1 Swfmill | 1 Swfmill | 2022-08-18 | N/A | 5.5 MEDIUM |
| SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::Reader::getWord(). | |||||
| CVE-2022-36144 | 1 Swfmill | 1 Swfmill | 2022-08-18 | N/A | 7.8 HIGH |
| SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64_encode. | |||||
| CVE-2022-36146 | 1 Swfmill | 1 Swfmill | 2022-08-18 | N/A | 5.5 MEDIUM |
| SWFMill commit 53d7690 was discovered to contain a memory allocation issue via operator new[](unsigned long) at asan_new_delete.cpp. | |||||
| CVE-2022-20317 | 1 Google | 1 Android | 2022-08-18 | N/A | 5.5 MEDIUM |
| In SystemUI, there is a possible way to unexpectedly enable the external speaker due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-190199063 | |||||
| CVE-2022-20318 | 1 Google | 1 Android | 2022-08-18 | N/A | 3.3 LOW |
| In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194694069 | |||||
| CVE-2022-20320 | 1 Google | 1 Android | 2022-08-18 | N/A | 3.3 LOW |
| In ActivityManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187956596 | |||||
| CVE-2022-20328 | 1 Google | 1 Android | 2022-08-18 | N/A | 3.3 LOW |
| In PackageManager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-184948501 | |||||
| CVE-2022-20327 | 1 Google | 1 Android | 2022-08-18 | N/A | 2.8 LOW |
| In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185126813 | |||||