Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Android
Total 5504 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-0368 1 Google 1 Android 2022-08-06 2.1 LOW 3.3 LOW
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. This could lead to local information disclosure of voicemail metadata with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143230980
CVE-2022-26430 3 Google, Mediatek, Yoctoproject 25 Android, Mt6833, Mt6853 and 22 more 2022-08-05 N/A 6.7 MEDIUM
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521.
CVE-2022-26435 3 Google, Mediatek, Yoctoproject 32 Android, Mt6833, Mt6853 and 29 more 2022-08-05 N/A 6.7 MEDIUM
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435.
CVE-2022-26433 3 Google, Mediatek, Yoctoproject 32 Android, Mt6833, Mt6853 and 29 more 2022-08-05 N/A 6.7 MEDIUM
In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400.
CVE-2022-26432 3 Google, Mediatek, Yoctoproject 25 Android, Mt6833, Mt6853 and 22 more 2022-08-05 N/A 6.7 MEDIUM
In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542.
CVE-2022-26431 3 Google, Mediatek, Yoctoproject 25 Android, Mt6833, Mt6853 and 22 more 2022-08-05 N/A 6.7 MEDIUM
In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032553; Issue ID: ALPS07032553.
CVE-2022-26434 3 Google, Mediatek, Yoctoproject 32 Android, Mt6833, Mt6853 and 29 more 2022-08-05 N/A 6.7 MEDIUM
In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450.
CVE-2022-26436 2 Google, Mediatek 5 Android, Mt6855, Mt6879 and 2 more 2022-08-05 N/A 4.4 MEDIUM
In emi mpu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07023666; Issue ID: ALPS07023666.
CVE-2022-26426 2 Google, Mediatek 22 Android, Mt6833, Mt6853 and 19 more 2022-08-05 N/A 6.7 MEDIUM
In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486.
CVE-2022-26427 2 Google, Mediatek 6 Android, Mt6833, Mt6853 and 3 more 2022-08-05 N/A 6.7 MEDIUM
In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540.
CVE-2022-26429 2 Google, Mediatek 42 Android, Mt6580, Mt6735 and 39 more 2022-08-05 N/A 7.8 HIGH
In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415.
CVE-2022-26428 2 Google, Mediatek 12 Android, Mt6739, Mt6761 and 9 more 2022-08-05 N/A 6.4 MEDIUM
In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260.
CVE-2022-21791 2 Google, Mediatek 7 Android, Mt6833, Mt6853 and 4 more 2022-08-05 N/A 4.4 MEDIUM
In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478059; Issue ID: ALPS06478059.
CVE-2022-21792 2 Google, Mediatek 11 Android, Mt6833, Mt6853 and 8 more 2022-08-05 N/A 6.7 MEDIUM
In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410.
CVE-2022-21789 2 Google, Mediatek 21 Android, Mt6779, Mt6781 and 18 more 2022-08-05 N/A 6.4 MEDIUM
In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101.
CVE-2022-21790 2 Google, Mediatek 6 Android, Mt6833, Mt6853 and 3 more 2022-08-05 N/A 4.4 MEDIUM
In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479306; Issue ID: ALPS06479306.
CVE-2022-21788 2 Google, Mediatek 4 Android, Mt6879, Mt6895 and 1 more 2022-08-05 N/A 6.7 MEDIUM
In scp, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06988728; Issue ID: ALPS06988728.
CVE-2022-2479 1 Google 2 Android, Chrome 2022-08-04 N/A 4.3 MEDIUM
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page.
CVE-2021-25490 1 Google 1 Android 2022-08-01 3.6 LOW 6.0 MEDIUM
A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process.
CVE-2021-25500 2 Google, Samsung 5 Android, Exynos 2100, Exynos 980 and 2 more 2022-08-01 2.1 LOW 4.4 MEDIUM
A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise.