Total
8334 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20439 | 1 Google | 1 Android | 2022-10-12 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized provider, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242266172 | |||||
| CVE-2022-20434 | 1 Google | 1 Android | 2022-10-12 | N/A | 7.8 HIGH |
| There is an missing authorization issue in the system service. Since the component does not have permission check , resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242244028 | |||||
| CVE-2022-20431 | 1 Google | 1 Android | 2022-10-12 | N/A | 7.8 HIGH |
| There is an missing authorization issue in the system service. Since the component does not have permission check , resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242221238 | |||||
| CVE-2022-20440 | 1 Google | 1 Android | 2022-10-12 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259918 | |||||
| CVE-2022-20351 | 1 Google | 1 Android | 2022-10-12 | N/A | 5.5 MEDIUM |
| In queryInternal of CallLogProvider.java, there is a possible access to voicemail information due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224771921 | |||||
| CVE-2022-32591 | 2 Google, Mediatek | 38 Android, Mt6580, Mt6739 and 35 more | 2022-10-12 | N/A | 7.5 HIGH |
| In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259. | |||||
| CVE-2022-32589 | 3 Google, Linuxfoundation, Mediatek | 43 Android, Yocto, Mt6761 and 40 more | 2022-10-12 | N/A | 7.5 HIGH |
| In Wi-Fi driver, there is a possible way to disconnect Wi-Fi due to an improper resource release. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07030600; Issue ID: ALPS07030600. | |||||
| CVE-2022-32592 | 3 Google, Linuxfoundation, Mediatek | 17 Android, Yocto, Mt6855 and 14 more | 2022-10-12 | N/A | 6.7 MEDIUM |
| In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405. | |||||
| CVE-2022-39847 | 1 Google | 1 Android | 2022-10-11 | N/A | 5.3 MEDIUM |
| Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions. | |||||
| CVE-2022-36868 | 1 Google | 1 Android | 2022-10-11 | N/A | 3.3 LOW |
| Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||||
| CVE-2022-39855 | 1 Google | 1 Android | 2022-10-11 | N/A | 4.3 MEDIUM |
| Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices. | |||||
| CVE-2022-26472 | 2 Google, Mediatek | 40 Android, Mt6739, Mt6761 and 37 more | 2022-10-11 | N/A | 7.8 HIGH |
| In ims, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319095; Issue ID: ALPS07319095. | |||||
| CVE-2022-26471 | 2 Google, Mediatek | 34 Android, Mt6580, Mt6739 and 31 more | 2022-10-11 | N/A | 7.8 HIGH |
| In telephony, there is a possible escalation of privilege due to a parcel format mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07319121; Issue ID: ALPS07319121. | |||||
| CVE-2022-26474 | 2 Google, Mediatek | 6 Android, Mt6789, Mt6855 and 3 more | 2022-10-11 | N/A | 6.7 MEDIUM |
| In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07129717; Issue ID: ALPS07129717. | |||||
| CVE-2022-39851 | 1 Google | 1 Android | 2022-10-11 | N/A | 3.3 LOW |
| Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission. | |||||
| CVE-2022-39852 | 1 Google | 1 Android | 2022-10-11 | N/A | 7.8 HIGH |
| A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution. | |||||
| CVE-2022-39853 | 2 Google, Qualcomm | 3 Android, Sm8150, Sm8250 | 2022-10-11 | N/A | 7.8 HIGH |
| A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2022-39849 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | |||||
| CVE-2022-39850 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | |||||
| CVE-2022-39848 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log. | |||||