Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-20399

  • EPSS 0.02%
  • Veröffentlicht 13.09.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:42:44

In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data with no additional execution privileges needed. User intera...

7

CVE-2021-0697

  • EPSS 0.01%
  • Veröffentlicht 13.09.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:43:10

In PVRSRVRGXSubmitTransferKM of rgxtransfer.c, there is a possible user after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitati...

7.8

CVE-2021-0871

  • EPSS 0.02%
  • Veröffentlicht 13.09.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:43:11

In PVRSRVBridgePMRPDumpSymbolicAddr of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional executio...

9.8

CVE-2021-0942

  • EPSS 0.15%
  • Veröffentlicht 13.09.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:43:17

The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:sPA.uiAddr = page_to_phys(psOSPageArrayData->pagearray[ui32PageIndex]);With the current PoC ...

7.8

CVE-2022-39119

  • EPSS 0.01%
  • Veröffentlicht 09.09.2022 15:15:14
  • Zuletzt bearbeitet 21.11.2024 07:17:36

In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

7.8

CVE-2022-36858

  • EPSS 0.02%
  • Veröffentlicht 09.09.2022 15:15:12
  • Zuletzt bearbeitet 21.11.2024 07:13:54

A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

7.8

CVE-2022-36860

  • EPSS 0.02%
  • Veröffentlicht 09.09.2022 15:15:12
  • Zuletzt bearbeitet 21.11.2024 07:13:54

A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

5.3

CVE-2022-36861

  • EPSS 0.02%
  • Veröffentlicht 09.09.2022 15:15:12
  • Zuletzt bearbeitet 21.11.2024 07:13:54

Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege.

7.8

CVE-2022-36862

  • EPSS 0.02%
  • Veröffentlicht 09.09.2022 15:15:12
  • Zuletzt bearbeitet 21.11.2024 07:13:54

A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

7.8

CVE-2022-36863

  • EPSS 0.02%
  • Veröffentlicht 09.09.2022 15:15:12
  • Zuletzt bearbeitet 21.11.2024 07:13:54

A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.