CVE-2022-20577
- EPSS 0.17%
- Veröffentlicht 16.12.2022 16:15:19
- Zuletzt bearbeitet 18.04.2025 15:15:47
In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploita...
CVE-2022-20578
- EPSS 0.17%
- Veröffentlicht 16.12.2022 16:15:19
- Zuletzt bearbeitet 18.04.2025 15:15:47
In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...
CVE-2022-20535
- EPSS 0.12%
- Veröffentlicht 16.12.2022 16:15:18
- Zuletzt bearbeitet 18.04.2025 16:15:17
In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure wi...
CVE-2022-20536
- EPSS 0.11%
- Veröffentlicht 16.12.2022 16:15:18
- Zuletzt bearbeitet 18.04.2025 16:15:17
In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
CVE-2022-20537
- EPSS 0.11%
- Veröffentlicht 16.12.2022 16:15:18
- Zuletzt bearbeitet 18.04.2025 16:15:17
In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional ex...
CVE-2022-20538
- EPSS 0.12%
- Veröffentlicht 16.12.2022 16:15:18
- Zuletzt bearbeitet 18.04.2025 16:15:17
In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execu...
CVE-2022-20539
- EPSS 0.12%
- Veröffentlicht 16.12.2022 16:15:18
- Zuletzt bearbeitet 18.04.2025 16:15:17
In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for e...
CVE-2022-20540
- EPSS 0.17%
- Veröffentlicht 16.12.2022 16:15:18
- Zuletzt bearbeitet 18.04.2025 16:15:18
In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for e...
CVE-2022-20541
- EPSS 0.18%
- Veröffentlicht 16.12.2022 16:15:18
- Zuletzt bearbeitet 21.04.2025 14:15:25
In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product...
CVE-2022-20543
- EPSS 0.16%
- Veröffentlicht 16.12.2022 16:15:18
- Zuletzt bearbeitet 21.04.2025 14:15:25
In multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersio...