Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-28780

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attackers can access location information that set in Weather without permission. The patch adds proper protection to prevent access to location information.

7.2

CVE-2022-28781

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. The patch adds proper validation logic to check the caller.

4.6

CVE-2022-28782

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability.

7.1

CVE-2022-28783

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission. The patch adds proper validation logic for removing package name.

3.3

CVE-2022-28784

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic.

5.5

CVE-2022-28785

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

5.5

CVE-2022-28786

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

5.5

CVE-2022-28787

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:56

Improper buffer size check logic in wmfextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

5.5

CVE-2022-28788

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:56

Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

7.8

CVE-2022-20084

  • EPSS 0.01%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:07

In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exp...