Filtered by vendor Google
Subscribe
Total
10294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20361 | 1 Google | 1 Android | 2022-08-12 | N/A | 9.8 CRITICAL |
| In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-231161832 | |||||
| CVE-2022-20360 | 1 Google | 1 Android | 2022-08-12 | N/A | 7.8 HIGH |
| In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228314987 | |||||
| CVE-2022-33726 | 1 Google | 1 Android | 2022-08-11 | N/A | 3.3 LOW |
| Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity. | |||||
| CVE-2022-33719 | 1 Google | 1 Android | 2022-08-11 | N/A | 9.8 CRITICAL |
| Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow. | |||||
| CVE-2022-33720 | 1 Google | 1 Android | 2022-08-11 | N/A | 2.4 LOW |
| Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut. | |||||
| CVE-2022-33724 | 1 Google | 1 Android | 2022-08-11 | N/A | 3.3 LOW |
| Exposure of Sensitive Information in Samsung Dialer application?prior to SMR Aug-2022 Release 1 allows local attackers to access ICCID via log. | |||||
| CVE-2022-33721 | 1 Google | 1 Android | 2022-08-11 | N/A | 5.5 MEDIUM |
| A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege. | |||||
| CVE-2022-33725 | 1 Google | 1 Android | 2022-08-11 | N/A | 3.3 LOW |
| A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to access content providers with system privilege. | |||||
| CVE-2022-33728 | 1 Google | 1 Android | 2022-08-11 | N/A | 3.3 LOW |
| Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal. | |||||
| CVE-2022-33714 | 1 Google | 1 Android | 2022-08-11 | N/A | 3.3 LOW |
| Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot. | |||||
| CVE-2022-33718 | 1 Google | 1 Android | 2022-08-11 | N/A | 3.3 LOW |
| An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data. | |||||
| CVE-2022-33715 | 1 Google | 1 Android | 2022-08-11 | N/A | 5.5 MEDIUM |
| Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI. | |||||
| CVE-2022-33729 | 1 Google | 1 Android | 2022-08-11 | N/A | 3.3 LOW |
| Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||||
| CVE-2022-33730 | 1 Google | 1 Android | 2022-08-11 | N/A | 6.8 MEDIUM |
| Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers. | |||||
| CVE-2022-33731 | 1 Google | 1 Android | 2022-08-11 | N/A | 7.1 HIGH |
| Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. | |||||
| CVE-2022-33717 | 1 Google | 1 Android | 2022-08-11 | N/A | 4.4 MEDIUM |
| A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory. | |||||
| CVE-2022-33722 | 1 Google | 1 Android | 2022-08-11 | N/A | 3.3 LOW |
| Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacker to access connected device MAC address. | |||||
| CVE-2022-33716 | 1 Google | 1 Android | 2022-08-11 | N/A | 4.4 MEDIUM |
| An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory. | |||||
| CVE-2020-0368 | 1 Google | 1 Android | 2022-08-05 | 2.1 LOW | 3.3 LOW |
| In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. This could lead to local information disclosure of voicemail metadata with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143230980 | |||||
| CVE-2022-1799 | 1 Google | 1 Google Play Services Software Development Kit | 2022-08-05 | N/A | 9.8 CRITICAL |
| Incorrect signature trust exists within Google Play services SDK play-services-basement. A debug version of Google Play services is trusted by the SDK for devices that are non-GMS. We recommend upgrading the SDK past the 2022-05-03 release. | |||||