Filtered by vendor Google
Subscribe
Total
12830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-0093 | 5 Canonical, Debian, Google and 2 more | 5 Ubuntu Linux, Debian Linux, Android and 2 more | 2022-10-14 | 1.9 LOW | 5.0 MEDIUM |
| In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148705132 | |||||
| CVE-2020-0003 | 1 Google | 1 Android | 2022-10-14 | 3.7 LOW | 6.7 MEDIUM |
| In onCreate of InstallStart.java, there is a possible package validation bypass due to a time-of-check time-of-use vulnerability. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android ID: A-140195904 | |||||
| CVE-2020-0009 | 2 Debian, Google | 2 Debian Linux, Android | 2022-10-14 | 2.1 LOW | 5.5 MEDIUM |
| In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-142938932 | |||||
| CVE-2019-9423 | 1 Google | 1 Android | 2022-10-14 | 4.6 MEDIUM | 7.8 HIGH |
| In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for exploitation. Product: AndroidVersions: Android-10Android ID: A-110986616 | |||||
| CVE-2019-9288 | 1 Google | 1 Android | 2022-10-14 | 4.6 MEDIUM | 6.8 MEDIUM |
| In libhidcommand_jni, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the USB service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android Versions: Android-10 Android ID: A-111363077 | |||||
| CVE-2019-9456 | 2 Google, Opensuse | 2 Android, Leap | 2022-10-14 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9453 | 2 Canonical, Google | 2 Ubuntu Linux, Android | 2022-10-14 | 2.1 LOW | 4.4 MEDIUM |
| In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2019-9445 | 3 Canonical, Debian, Google | 3 Ubuntu Linux, Debian Linux, Android | 2022-10-14 | 2.1 LOW | 4.4 MEDIUM |
| In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2022-20437 | 1 Google | 1 Android | 2022-10-13 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242258929 | |||||
| CVE-2022-20436 | 1 Google | 1 Android | 2022-10-13 | N/A | 7.8 HIGH |
| There is an unauthorized service in the system service. Since the component does not have permission check, resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242248369 | |||||
| CVE-2022-20429 | 1 Google | 1 Android | 2022-10-13 | N/A | 8.8 HIGH |
| In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220741473 | |||||
| CVE-2022-20425 | 1 Google | 1 Android | 2022-10-13 | N/A | 5.5 MEDIUM |
| In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent degradation of performance due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-235823407 | |||||
| CVE-2022-20423 | 1 Google | 1 Android | 2022-10-13 | N/A | 4.6 MEDIUM |
| In rndis_set_response of rndis.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239842288References: Upstream kernel | |||||
| CVE-2022-20419 | 1 Google | 1 Android | 2022-10-13 | N/A | 7.8 HIGH |
| In setOptions of ActivityRecord.java, there is a possible load any arbitrary Java code into launcher process due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-237290578 | |||||
| CVE-2022-20420 | 1 Google | 1 Android | 2022-10-13 | N/A | 7.8 HIGH |
| In getBackgroundRestrictionExemptionReason of AppRestrictionController.java, there is a possible way to bypass device policy restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238377411 | |||||
| CVE-2022-20418 | 1 Google | 1 Android | 2022-10-13 | N/A | 7.5 HIGH |
| In pickStartSeq of AAVCAssembler.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-231986464 | |||||
| CVE-2022-20415 | 1 Google | 1 Android | 2022-10-13 | N/A | 7.8 HIGH |
| In handleFullScreenIntent of StatusBarNotificationActivityStarter.java, there is a possible bypass of the restriction of starting activity from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-231322873 | |||||
| CVE-2022-20413 | 1 Google | 1 Android | 2022-10-13 | N/A | 5.5 MEDIUM |
| In start of Threads.cpp, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-235850634 | |||||
| CVE-2022-20417 | 1 Google | 1 Android | 2022-10-13 | N/A | 7.8 HIGH |
| In audioTransportsToHal of HidlUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-237288416 | |||||
| CVE-2022-20412 | 1 Google | 1 Android | 2022-10-13 | N/A | 6.7 MEDIUM |
| In fdt_next_tag of fdt.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-230794395 | |||||