Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7842 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-23427 | 1 Google | 1 Android | 2024-08-03 | 3.9 Low |
PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent. | ||||
CVE-2022-23431 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 6.4 Medium |
An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | ||||
CVE-2022-23425 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 8.6 High |
Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | ||||
CVE-2022-23428 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 8.4 High |
An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | ||||
CVE-2022-23429 | 1 Google | 1 Android | 2024-08-03 | 5.3 Medium |
An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash. | ||||
CVE-2022-23278 | 4 Apple, Google, Linux and 1 more | 11 Macos, Android, Linux Kernel and 8 more | 2024-08-03 | 5.9 Medium |
Microsoft Defender for Endpoint Spoofing Vulnerability | ||||
CVE-2022-23258 | 2 Google, Microsoft | 2 Android, Edge | 2024-08-03 | 4.3 Medium |
Microsoft Edge for Android Spoofing Vulnerability | ||||
CVE-2022-22758 | 2 Google, Mozilla | 2 Android, Firefox | 2024-08-03 | 8.8 High |
When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97. | ||||
CVE-2022-22762 | 2 Google, Mozilla | 2 Android, Firefox | 2024-08-03 | 4.3 Medium |
Under certain circumstances, a JavaScript alert (or prompt) could have been shown while another website was displayed underneath it. This could have been abused to trick the user. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97. | ||||
CVE-2022-22285 | 2 Google, Samsung | 2 Android, Reminder | 2024-08-03 | 4.4 Medium |
A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent. | ||||
CVE-2022-22292 | 1 Google | 1 Android | 2024-08-03 | 7.1 High |
Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity. | ||||
CVE-2022-22263 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity. | ||||
CVE-2022-22268 | 1 Google | 1 Android | 2024-08-03 | 6.1 Medium |
Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode. | ||||
CVE-2022-22269 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address. | ||||
CVE-2022-22271 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1 allows attackers to copy data from arbitrary memory. | ||||
CVE-2022-22272 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission | ||||
CVE-2022-22291 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device. | ||||
CVE-2022-22286 | 2 Google, Samsung | 2 Android, Bixby Routines | 2024-08-03 | 4.4 Medium |
A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent. | ||||
CVE-2022-22266 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
(Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission. | ||||
CVE-2022-22267 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information. |