CVE-2022-20122
- EPSS 0.36%
- Veröffentlicht 24.08.2022 14:15:09
- Zuletzt bearbeitet 21.11.2024 06:42:12
The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: Androi...
CVE-2021-0698
- EPSS 0.09%
- Veröffentlicht 24.08.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 05:43:10
In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitat...
CVE-2021-0887
- EPSS 0.09%
- Veröffentlicht 24.08.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 05:43:13
In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploi...
CVE-2022-20339
- EPSS 0.09%
- Veröffentlicht 12.08.2022 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:42:37
In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration. This could lead to local information disclosure of network topography with no additional execution privileges needed. User interac...
CVE-2022-20340
- EPSS 0.09%
- Veröffentlicht 12.08.2022 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:42:37
In SELinux policy, there is a possible way of inferring which websites are being opened in the browser due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction...
CVE-2022-20341
- EPSS 0.09%
- Veröffentlicht 12.08.2022 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:42:37
In ConnectivityService, there is a possible bypass of network permissions due to a missing permission check. This could lead to local information disclosure of tethering interfaces with no additional execution privileges needed. User interaction is n...
CVE-2022-20342
- EPSS 0.09%
- Veröffentlicht 12.08.2022 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:42:37
In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20362
- EPSS 0.24%
- Veröffentlicht 12.08.2022 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:42:39
In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android...
CVE-2022-20312
- EPSS 0.09%
- Veröffentlicht 12.08.2022 15:15:12
- Zuletzt bearbeitet 21.11.2024 06:42:34
In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to missing permission check. This could lead to local information disclosure without additional execution privileges needed. User interaction is not needed ...
CVE-2022-20313
- EPSS 0.17%
- Veröffentlicht 12.08.2022 15:15:12
- Zuletzt bearbeitet 21.11.2024 06:42:34
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: A...