CVE-2022-20390
- EPSS 0.44%
- Veröffentlicht 13.09.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:43
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257002
CVE-2022-20391
- EPSS 0.44%
- Veröffentlicht 13.09.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:43
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257000
CVE-2022-20392
- EPSS 0.1%
- Veröffentlicht 13.09.2022 20:15:09
- Zuletzt bearbeitet 05.06.2025 19:15:23
In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or u...
CVE-2022-20393
- EPSS 0.1%
- Veröffentlicht 13.09.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:43
In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure from the media server with no additional execution privileges needed. User in...
CVE-2022-20395
- EPSS 0.11%
- Veröffentlicht 13.09.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:44
In checkAccess of MediaProvider.java, there is a possible file deletion due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pr...
CVE-2022-20396
- EPSS 0.08%
- Veröffentlicht 13.09.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:44
In SettingsActivity.java, there is a possible way to make a device discoverable over Bluetooth, without permission or user interaction, due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privile...
CVE-2022-20398
- EPSS 0.09%
- Veröffentlicht 13.09.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:44
In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to configure Wi-Fi due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not ne...
CVE-2022-20399
- EPSS 0.09%
- Veröffentlicht 13.09.2022 20:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:44
In the SEPolicy configuration of system apps, there is a possible access to the 'ip' utility due to an insecure default value. This could lead to local information disclosure of network data with no additional execution privileges needed. User intera...
- EPSS 0.07%
- Veröffentlicht 13.09.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:43:10
In PVRSRVRGXSubmitTransferKM of rgxtransfer.c, there is a possible user after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitati...
CVE-2021-0871
- EPSS 0.1%
- Veröffentlicht 13.09.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:43:11
In PVRSRVBridgePMRPDumpSymbolicAddr of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional executio...