Total
3289 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-20300 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In Content, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-200956588 | ||||
| CVE-2022-20321 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In Settings, there is a possible way for an application without permissions to read content of WiFi QR codes due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176859 | ||||
| CVE-2022-20274 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In Keyguard, there is a missing permission check. This could lead to local escalation of privilege and prevention of screen timeout with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-206470146 | ||||
| CVE-2022-20282 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In AppWidget, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-204083104 | ||||
| CVE-2022-20263 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In ActivityManager, there is a way to read process state for other users due to a missing permission check. This could lead to local information disclosure of app usage with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-217935264 | ||||
| CVE-2022-20204 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-171495100 | ||||
| CVE-2022-20255 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
| In SettingsProvider, there is a possible way to read or change the default ringtone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222687217 | ||||
| CVE-2022-20267 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In bluetooth, there is a possible way to enable or disable bluetooth connection without user consent due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-211646835 | ||||
| CVE-2022-20200 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212695058 | ||||
| CVE-2022-20261 | 1 Google | 1 Android | 2024-08-03 | 2.3 Low |
| In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-219835125 | ||||
| CVE-2022-20262 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218338453 | ||||
| CVE-2022-20206 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220737634 | ||||
| CVE-2022-20259 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-221431393 | ||||
| CVE-2022-20182 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
| In handle_ramdump of pixel_loader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222348453References: N/A | ||||
| CVE-2022-20225 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-213457638 | ||||
| CVE-2022-20240 | 1 Google | 1 Android | 2024-08-03 | 2.3 Low |
| In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-231496105 | ||||
| CVE-2022-20172 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206987222References: N/A | ||||
| CVE-2022-20133 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-206807679 | ||||
| CVE-2022-20138 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-210469972 | ||||
| CVE-2022-20137 | 1 Google | 1 Android | 2024-08-03 | 7.3 High |
| In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-206986392 | ||||