Filtered by vendor Google
Subscribe
Total
10294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20581 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In the Pixel camera driver, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-245916120References: N/A | |||||
| CVE-2022-20580 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243629453References: N/A | |||||
| CVE-2022-20579 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243510139References: N/A | |||||
| CVE-2022-20578 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509749References: N/A | |||||
| CVE-2022-20577 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762281References: N/A | |||||
| CVE-2022-20576 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239701761References: N/A | |||||
| CVE-2022-20575 | 1 Google | 1 Android | 2022-12-21 | N/A | 5.5 MEDIUM |
| In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237585040References: N/A | |||||
| CVE-2022-20537 | 1 Google | 1 Android | 2022-12-21 | N/A | 3.3 LOW |
| In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235601169 | |||||
| CVE-2022-20572 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel | |||||
| CVE-2022-20574 | 1 Google | 1 Android | 2022-12-21 | N/A | 5.5 MEDIUM |
| In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237582191References: N/A | |||||
| CVE-2022-20571 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234030265References: Upstream kernel | |||||
| CVE-2022-20536 | 1 Google | 1 Android | 2022-12-21 | N/A | 3.3 LOW |
| In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235100180 | |||||
| CVE-2022-20535 | 1 Google | 1 Android | 2022-12-21 | N/A | 3.3 LOW |
| In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233605242 | |||||
| CVE-2022-20569 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-229258234References: N/A | |||||
| CVE-2022-20567 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.4 MEDIUM |
| In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186777253References: Upstream kernel | |||||
| CVE-2022-20552 | 1 Google | 1 Android | 2022-12-21 | N/A | 5.5 MEDIUM |
| In btif_a2dp_sink_command_ready of btif_a2dp_sink.cc, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-243922806 | |||||
| CVE-2022-20606 | 1 Google | 1 Android | 2022-12-21 | N/A | 4.9 MEDIUM |
| In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233230674References: N/A | |||||
| CVE-2022-20605 | 1 Google | 1 Android | 2022-12-21 | N/A | 7.5 HIGH |
| In SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231722405References: N/A | |||||
| CVE-2022-20508 | 1 Google | 1 Android | 2022-12-21 | N/A | 7.8 HIGH |
| In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218679614 | |||||
| CVE-2022-20510 | 1 Google | 1 Android | 2022-12-21 | N/A | 5.5 MEDIUM |
| In getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaming policy of other users due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-235822336 | |||||