Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2022-28784

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic.

5.5

CVE-2022-28785

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

5.5

CVE-2022-28786

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:55

Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

5.5

CVE-2022-28787

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:56

Improper buffer size check logic in wmfextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

5.5

CVE-2022-28788

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:57:56

Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

7.8

CVE-2022-20084

  • EPSS 0.01%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:07

In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exp...

6.7

CVE-2022-20085

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:07

In netdiag, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308...

6.7

CVE-2022-20087

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:07

In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06477970; Issue ID...

7.8

CVE-2022-20088

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:07

In aee driver, there is a possible reference count mistake due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209...

6.7

CVE-2022-20089

  • EPSS 0.02%
  • Veröffentlicht 03.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:42:07

In aee driver, there is a possible memory corruption due to active debug code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06240397; Issue ID...