CVE-2022-20486
- EPSS 0.12%
- Veröffentlicht 13.12.2022 16:15:16
- Zuletzt bearbeitet 22.04.2025 14:15:16
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interact...
CVE-2022-20487
- EPSS 0.12%
- Veröffentlicht 13.12.2022 16:15:16
- Zuletzt bearbeitet 22.04.2025 14:15:17
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interact...
CVE-2022-20488
- EPSS 0.12%
- Veröffentlicht 13.12.2022 16:15:16
- Zuletzt bearbeitet 22.04.2025 14:15:17
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interact...
CVE-2022-20491
- EPSS 0.17%
- Veröffentlicht 13.12.2022 16:15:16
- Zuletzt bearbeitet 22.04.2025 14:15:17
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interact...
CVE-2022-20495
- EPSS 0.17%
- Veröffentlicht 13.12.2022 16:15:16
- Zuletzt bearbeitet 22.04.2025 14:15:17
In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges ne...
CVE-2022-20496
- EPSS 0.13%
- Veröffentlicht 13.12.2022 16:15:16
- Zuletzt bearbeitet 22.04.2025 14:15:18
In setDataSource of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20497
- EPSS 0.18%
- Veröffentlicht 13.12.2022 16:15:16
- Zuletzt bearbeitet 22.04.2025 14:15:18
In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access ...
CVE-2022-20240
- EPSS 0.11%
- Veröffentlicht 13.12.2022 16:15:15
- Zuletzt bearbeitet 22.04.2025 20:15:19
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction i...
CVE-2022-20411
- EPSS 1.87%
- Veröffentlicht 13.12.2022 16:15:15
- Zuletzt bearbeitet 22.04.2025 20:15:19
In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploi...
CVE-2022-20442
- EPSS 0.1%
- Veröffentlicht 13.12.2022 16:15:15
- Zuletzt bearbeitet 22.04.2025 20:15:20
In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges nee...