Filtered by vendor Google
Subscribe
Total
254 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33728 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attackers to access connected BT macAddress via Settings.Gloabal. | |||||
| CVE-2022-20330 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.5 LOW |
| In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user awareness due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-181962588 | |||||
| CVE-2022-33726 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attacker to launch activity. | |||||
| CVE-2022-20261 | 1 Google | 1 Android | 2023-12-10 | N/A | 2.3 LOW |
| In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-219835125 | |||||
| CVE-2022-33720 | 1 Google | 1 Android | 2023-12-10 | N/A | 2.4 LOW |
| Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut. | |||||
| CVE-2022-33689 | 1 Google | 1 Android | 2023-12-10 | 2.1 LOW | 3.3 LOW |
| Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. | |||||
| CVE-2022-33694 | 1 Google | 1 Android | 2023-12-10 | 2.1 LOW | 3.3 LOW |
| Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. | |||||
| CVE-2022-33729 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||||
| CVE-2022-20251 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-225881167 | |||||
| CVE-2022-20315 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| In ActivityManager, there is a possible disclosure of installed packages due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-191058227 | |||||
| CVE-2022-20249 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-226900861 | |||||
| CVE-2022-39856 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information. | |||||
| CVE-2022-36852 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data. | |||||
| CVE-2022-20267 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| In bluetooth, there is a possible way to enable or disable bluetooth connection without user consent due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-211646835 | |||||
| CVE-2022-20327 | 1 Google | 1 Android | 2023-12-10 | N/A | 2.8 LOW |
| In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185126813 | |||||
| CVE-2022-33701 | 1 Google | 1 Android | 2023-12-10 | 2.1 LOW | 3.3 LOW |
| Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent. | |||||
| CVE-2022-39887 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting. | |||||
| CVE-2022-39850 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | |||||
| CVE-2022-20338 | 1 Google | 1 Android | 2023-12-10 | N/A | 3.3 LOW |
| In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. This could lead to a local escalation of privilege, preventing processes from validating URIs correctly, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-171966843 | |||||
| CVE-2022-30750 | 1 Google | 1 Android | 2023-12-10 | 2.1 LOW | 3.3 LOW |
| Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected. | |||||