Filtered by vendor Google
Subscriptions
Total
13909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-23431 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 6.4 Medium |
| An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2022-23429 | 1 Google | 1 Android | 2024-11-21 | 5.3 Medium |
| An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash. | ||||
| CVE-2022-23428 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 8.4 High |
| An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2022-23427 | 1 Google | 1 Android | 2024-11-21 | 3.9 Low |
| PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent. | ||||
| CVE-2022-23426 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system privilege. | ||||
| CVE-2022-23425 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 8.6 High |
| Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | ||||
| CVE-2022-22292 | 1 Google | 1 Android | 2024-11-21 | 7.1 High |
| Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity. | ||||
| CVE-2022-22291 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device. | ||||
| CVE-2022-22286 | 2 Google, Samsung | 2 Android, Bixby Routines | 2024-11-21 | 4.4 Medium |
| A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent. | ||||
| CVE-2022-22285 | 2 Google, Samsung | 2 Android, Reminder | 2024-11-21 | 4.4 Medium |
| A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent. | ||||
| CVE-2022-22272 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission | ||||
| CVE-2022-22271 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1 allows attackers to copy data from arbitrary memory. | ||||
| CVE-2022-22270 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information. | ||||
| CVE-2022-22269 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address. | ||||
| CVE-2022-22268 | 1 Google | 1 Android | 2024-11-21 | 6.1 Medium |
| Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode. | ||||
| CVE-2022-22267 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information. | ||||
| CVE-2022-22266 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| (Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission. | ||||
| CVE-2022-22264 | 1 Google | 1 Android | 2024-11-21 | 7.7 High |
| Improper sanitization of incoming intent in Dressroom prior to SMR Jan-2022 Release 1 allows local attackers to read and write arbitrary files without permission. | ||||
| CVE-2022-22263 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity. | ||||
| CVE-2022-21792 | 2 Google, Mediatek | 11 Android, Mt6833, Mt6853 and 8 more | 2024-11-21 | 6.7 Medium |
| In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410. | ||||