Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2022-20096

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:08

In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID...

4.7

CVE-2022-20097

  • EPSS 0.01%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:08

In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944...

4.4

CVE-2022-20098

  • EPSS 0.05%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:08

In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419...

7.8

CVE-2022-20099

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:09

In aee daemon, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442...

4.4

CVE-2022-20100

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:09

In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383...

7.8

CVE-2022-20109

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:10

In ion, there is a possible use after free due to improper update of reference count. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0639...

7

CVE-2022-20110

  • EPSS 0.01%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:10

In ion, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: AL...

7.8

CVE-2021-39794

  • EPSS 0.03%
  • Veröffentlicht 12.04.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:20:15

In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. This could lead to local escalation of privilege with no additional executio...

7.3

CVE-2021-39796

  • EPSS 0.01%
  • Veröffentlicht 12.04.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:20:15

In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed....

7.8

CVE-2021-39797

  • EPSS 0.01%
  • Veröffentlicht 12.04.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:20:15

In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not neede...