Total
3289 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-20360 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228314987 | ||||
| CVE-2022-20335 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been disabled due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-178014725 | ||||
| CVE-2022-20340 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In SELinux policy, there is a possible way of inferring which websites are being opened in the browser due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-166269532 | ||||
| CVE-2022-20336 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In Settings, there is a possible installed application disclosure due to a missing permission check. This could lead to local information disclosure of applications allow-listed to use the network during VPN lockdown mode with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-177239688 | ||||
| CVE-2022-20352 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In addProviderRequestListener of LocationManagerService.java, there is a possible way to learn which packages request location information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-222473855 | ||||
| CVE-2022-20298 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201416182 | ||||
| CVE-2022-20303 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In ContentService, there is a possible way to determine if an account is on the device without GET_ACCOUNTS permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-200573021 | ||||
| CVE-2022-20299 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In ContentService, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201415895 | ||||
| CVE-2022-20328 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In PackageManager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-184948501 | ||||
| CVE-2022-20327 | 1 Google | 1 Android | 2024-08-03 | 2.8 Low |
| In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185126813 | ||||
| CVE-2022-20305 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In ContentService, there is a possible disclosure of available account types due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199751623 | ||||
| CVE-2022-20312 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to missing permission check. This could lead to local information disclosure without additional execution privileges needed. User interaction is not needed forexploitationProduct: AndroidVersions: Android-13Android ID: A-192244925 | ||||
| CVE-2022-20295 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-202160584 | ||||
| CVE-2022-20326 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In Telephony, there is a possible disclosure of SIM identifiers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185235527 | ||||
| CVE-2022-20281 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In Core, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-204083967 | ||||
| CVE-2022-20301 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In Content, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-200956614 | ||||
| CVE-2022-20296 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201794303 | ||||
| CVE-2022-20311 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192663553 | ||||
| CVE-2022-20310 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192663798 | ||||
| CVE-2022-20284 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In Telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of phone accounts with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231986341 | ||||