Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Google Subscribe
Filtered by product Android
Total 6434 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-30715 1 Google 1 Android 2022-06-10 5.0 MEDIUM 5.3 MEDIUM
Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.
CVE-2022-30714 1 Google 1 Android 2022-06-10 2.1 LOW 3.3 LOW
Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.
CVE-2022-30713 1 Google 1 Android 2022-06-10 9.4 HIGH 9.1 CRITICAL
Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
CVE-2022-30712 1 Google 1 Android 2022-06-10 6.4 MEDIUM 9.1 CRITICAL
Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
CVE-2022-30711 1 Google 1 Android 2022-06-10 9.4 HIGH 9.1 CRITICAL
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
CVE-2022-30710 1 Google 1 Android 2022-06-10 9.4 HIGH 9.1 CRITICAL
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
CVE-2022-30709 1 Google 1 Android 2022-06-10 5.0 MEDIUM 5.3 MEDIUM
Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
CVE-2022-28794 1 Google 1 Android 2022-06-10 2.1 LOW 3.3 LOW
Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.
CVE-2021-39767 1 Google 1 Android 2022-06-04 4.6 MEDIUM 7.8 HIGH
In miniadb, there is a possible way to get read/write access to recovery system properties due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201308542
CVE-2022-20064 2 Google, Mediatek 37 Android, Mt6580, Mt6737 and 34 more 2022-06-03 7.2 HIGH 6.7 MEDIUM
In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617.
CVE-2019-2201 2 Canonical, Google 2 Ubuntu Linux, Android 2022-06-02 9.3 HIGH 7.8 HIGH
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338
CVE-2022-23278 4 Apple, Google, Linux and 1 more 11 Macos, Android, Linux Kernel and 8 more 2022-05-23 4.3 MEDIUM 5.9 MEDIUM
Microsoft Defender for Endpoint Spoofing Vulnerability.
CVE-2021-39670 1 Google 1 Android 2022-05-17 4.9 MEDIUM 5.5 MEDIUM
In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-204087139
CVE-2022-20117 1 Google 1 Android 2022-05-17 2.1 LOW 5.5 MEDIUM
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-217475903References: N/A
CVE-2022-20118 1 Google 1 Android 2022-05-17 6.9 MEDIUM 7.0 HIGH
In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205707793References: N/A
CVE-2022-20119 1 Google 1 Android 2022-05-17 2.1 LOW 5.5 MEDIUM
In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213170715References: N/A
CVE-2022-20120 1 Google 1 Android 2022-05-17 10.0 HIGH 9.8 CRITICAL
Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A
CVE-2022-20121 1 Google 1 Android 2022-05-17 2.1 LOW 5.5 MEDIUM
In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-212573046References: N/A
CVE-2021-39738 1 Google 1 Android 2022-05-17 7.2 HIGH 7.8 HIGH
In CarSetings, there is a possible to pair BT device bypassing user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-216190509
CVE-2021-39700 1 Google 1 Android 2022-05-16 2.1 LOW 5.5 MEDIUM
In the policies of adbd.te, there was a logic error which caused the CTS Listening Ports Test to report invalid results. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-201645790