Total
8334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4121 | 5 Adobe, Apple, Google and 2 more | 13 Air Desktop Runtime, Air Sdk, Air Sdk \& Compiler and 10 more | 2022-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110. | |||||
| CVE-2022-20124 | 1 Google | 1 Android | 2022-12-13 | 7.2 HIGH | 7.8 HIGH |
| In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-170646036 | |||||
| CVE-2022-39898 | 1 Google | 1 Android | 2022-12-12 | N/A | 3.3 LOW |
| Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim. | |||||
| CVE-2022-39900 | 1 Google | 1 Android | 2022-12-12 | N/A | 4.6 MEDIUM |
| Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch. | |||||
| CVE-2022-39899 | 1 Google | 1 Android | 2022-12-12 | N/A | 4.3 MEDIUM |
| Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture. | |||||
| CVE-2022-39915 | 2 Google, Samsung | 2 Android, Calendar | 2022-12-12 | N/A | 5.5 MEDIUM |
| Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q(10), 12.2.11.3000 in Android R(11), 12.3.07.2000 in Android S(12), and 12.4.02.0 in Android T(13) allows attackers to access sensitive information via implicit intent. | |||||
| CVE-2022-39914 | 1 Google | 1 Android | 2022-12-12 | N/A | 3.3 LOW |
| Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information. | |||||
| CVE-2022-39913 | 1 Google | 1 Android | 2022-12-12 | N/A | 3.3 LOW |
| Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information. | |||||
| CVE-2022-39912 | 1 Google | 1 Android | 2022-12-12 | N/A | 3.3 LOW |
| Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder. | |||||
| CVE-2022-39904 | 1 Google | 1 Android | 2022-12-12 | N/A | 3.3 LOW |
| Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log. | |||||
| CVE-2022-39906 | 1 Google | 1 Android | 2022-12-12 | N/A | 3.3 LOW |
| Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information. | |||||
| CVE-2022-39908 | 1 Google | 1 Android | 2022-12-12 | N/A | 7.4 HIGH |
| TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | |||||
| CVE-2022-39907 | 1 Google | 1 Android | 2022-12-12 | N/A | 7.8 HIGH |
| Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | |||||
| CVE-2022-39903 | 1 Google | 1 Android | 2022-12-12 | N/A | 3.3 LOW |
| Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number. | |||||
| CVE-2022-39905 | 1 Google | 1 Android | 2022-12-10 | N/A | 5.5 MEDIUM |
| Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent. | |||||
| CVE-2022-39894 | 1 Google | 1 Android | 2022-12-09 | N/A | 3.3 LOW |
| Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | |||||
| CVE-2022-39895 | 1 Google | 1 Android | 2022-12-09 | N/A | 3.3 LOW |
| Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent. | |||||
| CVE-2022-39896 | 1 Google | 1 Android | 2022-12-09 | N/A | 3.3 LOW |
| Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | |||||
| CVE-2022-39897 | 1 Google | 1 Android | 2022-12-09 | N/A | 5.5 MEDIUM |
| Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log. | |||||
| CVE-2022-28605 | 3 Apple, Google, Linkplay | 3 Iphone Os, Android, Sound Bar | 2022-12-09 | 10.0 HIGH | 9.8 CRITICAL |
| Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory | |||||