Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-20131

  • EPSS 0.36%
  • Veröffentlicht 15.06.2022 13:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:13

In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for ex...

4.9

CVE-2022-20132

  • EPSS 0.06%
  • Veröffentlicht 15.06.2022 13:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:13

In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no add...

7.8

CVE-2022-20133

  • EPSS 0.01%
  • Veröffentlicht 15.06.2022 13:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:13

In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed...

7.8

CVE-2022-20134

  • EPSS 0.01%
  • Veröffentlicht 15.06.2022 13:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:13

In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. Us...

7.8

CVE-2022-20135

  • EPSS 0.01%
  • Veröffentlicht 15.06.2022 13:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:13

In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.3

CVE-2022-20137

  • EPSS 0.01%
  • Veröffentlicht 15.06.2022 13:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:13

In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. Use...

5.5

CVE-2022-30727

  • EPSS 0.03%
  • Veröffentlicht 07.06.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 07:03:15

Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in PersonaManagerService prior to SMR Jun-2022 Release 1 allows local attackers to set some setting value in work space.

3.3

CVE-2022-30728

  • EPSS 0.02%
  • Veröffentlicht 07.06.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 07:03:15

Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

4.6

CVE-2022-30729

  • EPSS 0.02%
  • Veröffentlicht 07.06.2022 18:15:13
  • Zuletzt bearbeitet 21.11.2024 07:03:15

Implicit Intent hijacking vulnerability in Settings prior to SMR Jun-2022 Release 1 allows attackers to get Wi-Fi SSID and password via a malicious QR code scanner.

9.4

CVE-2022-30711

  • EPSS 0.06%
  • Veröffentlicht 07.06.2022 18:15:12
  • Zuletzt bearbeitet 21.11.2024 07:03:13

Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.