Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2022-20140

  • EPSS 4.17%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:13

In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitati...

7

CVE-2022-20141

  • EPSS 0.02%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:14

In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not n...

7.8

CVE-2022-20142

  • EPSS 0.04%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:14

In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n...

5.5

CVE-2022-20143

  • EPSS 0.02%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:14

In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitatio...

7.8

CVE-2022-20144

  • EPSS 0.01%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:14

In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

10

CVE-2022-20145

  • EPSS 6.37%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:14

In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privilege...

5.5

CVE-2022-20146

  • EPSS 0.02%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:14

In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional execution privileges needed. User interaction is not ...

7.8

CVE-2022-20147

  • EPSS 0.01%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:14

In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for e...

6.9

CVE-2022-20148

  • EPSS 0.02%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:14

In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

7.5

CVE-2022-20149

  • EPSS 0.12%
  • Veröffentlicht 15.06.2022 14:15:11
  • Zuletzt bearbeitet 21.11.2024 06:42:15

Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A