CVE-2022-20511
- EPSS 0.16%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 15:15:51
In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Pr...
CVE-2022-20512
- EPSS 0.14%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 15:15:51
In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interac...
CVE-2022-20513
- EPSS 0.21%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 15:15:51
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation....
CVE-2022-20498
- EPSS 1.15%
- Veröffentlicht 13.12.2022 16:15:17
- Zuletzt bearbeitet 22.04.2025 14:15:18
In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation....
CVE-2022-20500
- EPSS 0.13%
- Veröffentlicht 13.12.2022 16:15:17
- Zuletzt bearbeitet 22.04.2025 14:15:18
In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
CVE-2022-20501
- EPSS 0.13%
- Veröffentlicht 13.12.2022 16:15:17
- Zuletzt bearbeitet 22.04.2025 18:15:46
In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileg...
CVE-2022-20502
- EPSS 0.16%
- Veröffentlicht 13.12.2022 16:15:17
- Zuletzt bearbeitet 22.04.2025 18:15:46
In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.P...
CVE-2022-20611
- EPSS 0.09%
- Veröffentlicht 13.12.2022 16:15:17
- Zuletzt bearbeitet 22.04.2025 18:15:46
In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User i...
CVE-2022-20473
- EPSS 8.85%
- Veröffentlicht 13.12.2022 16:15:16
- Zuletzt bearbeitet 22.04.2025 15:15:58
In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20474
- EPSS 0.24%
- Veröffentlicht 13.12.2022 16:15:16
- Zuletzt bearbeitet 22.04.2025 15:15:58
In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...