Total
6434 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20572 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel | |||||
| CVE-2022-20574 | 1 Google | 1 Android | 2022-12-21 | N/A | 5.5 MEDIUM |
| In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237582191References: N/A | |||||
| CVE-2022-20571 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234030265References: Upstream kernel | |||||
| CVE-2022-20536 | 1 Google | 1 Android | 2022-12-21 | N/A | 3.3 LOW |
| In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235100180 | |||||
| CVE-2022-20535 | 1 Google | 1 Android | 2022-12-21 | N/A | 3.3 LOW |
| In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233605242 | |||||
| CVE-2022-20569 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-229258234References: N/A | |||||
| CVE-2022-20567 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.4 MEDIUM |
| In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186777253References: Upstream kernel | |||||
| CVE-2022-20552 | 1 Google | 1 Android | 2022-12-21 | N/A | 5.5 MEDIUM |
| In btif_a2dp_sink_command_ready of btif_a2dp_sink.cc, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-243922806 | |||||
| CVE-2022-20606 | 1 Google | 1 Android | 2022-12-21 | N/A | 4.9 MEDIUM |
| In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233230674References: N/A | |||||
| CVE-2022-20605 | 1 Google | 1 Android | 2022-12-21 | N/A | 7.5 HIGH |
| In SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231722405References: N/A | |||||
| CVE-2022-20508 | 1 Google | 1 Android | 2022-12-21 | N/A | 7.8 HIGH |
| In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218679614 | |||||
| CVE-2022-20510 | 1 Google | 1 Android | 2022-12-21 | N/A | 5.5 MEDIUM |
| In getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaming policy of other users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235822336 | |||||
| CVE-2022-20601 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.5 HIGH |
| Product: AndroidVersions: Android kernelAndroid ID: A-204541506References: N/A | |||||
| CVE-2022-20602 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.5 HIGH |
| Product: AndroidVersions: Android kernelAndroid ID: A-211081867References: N/A | |||||
| CVE-2022-20595 | 1 Google | 1 Android | 2022-12-20 | N/A | 4.4 MEDIUM |
| In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700137References: N/A | |||||
| CVE-2022-20599 | 1 Google | 1 Android | 2022-12-20 | N/A | 6.7 MEDIUM |
| In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332706References: N/A | |||||
| CVE-2022-20600 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.8 HIGH |
| In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239847859References: N/A | |||||
| CVE-2022-20596 | 1 Google | 1 Android | 2022-12-20 | N/A | 6.7 MEDIUM |
| In sendChunk of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700400References: N/A | |||||
| CVE-2022-20598 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.8 HIGH |
| In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242357514References: N/A | |||||
| CVE-2022-20597 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.8 HIGH |
| In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N/A | |||||