Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Android
Total 7912 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-23999 1 Google 1 Android 2024-11-21 2.1 LOW 3.9 LOW
PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent.
CVE-2022-23998 2 Google, Samsung 2 Android, Camera 2024-11-21 4.3 MEDIUM 6.2 MEDIUM
Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10.5.03.77 in Android Q(10) and 9.0.6.68 in Android P(9) allows untrusted applications to take a picture in screenlock status.
CVE-2022-23729 1 Google 1 Android 2024-11-21 6.9 MEDIUM 7.8 HIGH
When the device is in factory state, it can be access the shell without adb authentication process. The LG ID is LVE-SMP-210010.
CVE-2022-23728 1 Google 1 Android 2024-11-21 6.6 MEDIUM 6.1 MEDIUM
Attacker can reset the device with AT Command in the process of rebooting the device. The LG ID is LVE-SMP-210011.
CVE-2022-23434 2 Google, Samsung 2 Android, Bixby 2024-11-21 2.1 LOW 4.4 MEDIUM
A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent.
CVE-2022-23433 2 Google, Samsung 2 Android, Reminder 2024-11-21 5.0 MEDIUM 4.3 MEDIUM
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely.
CVE-2022-23432 2 Google, Samsung 2 Android, Exynos 2024-11-21 4.6 MEDIUM 6.4 MEDIUM
An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
CVE-2022-23431 2 Google, Samsung 2 Android, Exynos 2024-11-21 4.6 MEDIUM 6.4 MEDIUM
An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
CVE-2022-23429 1 Google 1 Android 2024-11-21 3.6 LOW 5.3 MEDIUM
An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash.
CVE-2022-23428 2 Google, Samsung 2 Android, Exynos 2024-11-21 7.2 HIGH 8.4 HIGH
An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
CVE-2022-23427 1 Google 1 Android 2024-11-21 3.6 LOW 3.9 LOW
PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent.
CVE-2022-23426 1 Google 1 Android 2024-11-21 3.6 LOW 4.4 MEDIUM
A vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system privilege.
CVE-2022-23425 2 Google, Samsung 2 Android, Exynos 2024-11-21 7.5 HIGH 8.6 HIGH
Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station.
CVE-2022-23278 4 Apple, Google, Linux and 1 more 11 Macos, Android, Linux Kernel and 8 more 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
Microsoft Defender for Endpoint Spoofing Vulnerability
CVE-2022-23258 2 Google, Microsoft 2 Android, Edge 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Microsoft Edge for Android Spoofing Vulnerability
CVE-2022-22762 2 Google, Mozilla 2 Android, Firefox 2024-11-21 N/A 4.3 MEDIUM
Under certain circumstances, a JavaScript alert (or prompt) could have been shown while another website was displayed underneath it. This could have been abused to trick the user. <br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.
CVE-2022-22758 2 Google, Mozilla 2 Android, Firefox 2024-11-21 N/A 8.8 HIGH
When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.
CVE-2022-22292 1 Google 1 Android 2024-11-21 4.6 MEDIUM 7.1 HIGH
Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity.
CVE-2022-22291 1 Google 1 Android 2024-11-21 2.1 LOW 5.5 MEDIUM
Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device.
CVE-2022-22286 2 Google, Samsung 2 Android, Bixby Routines 2024-11-21 3.6 LOW 4.4 MEDIUM
A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0) and 2.6.30.5 in Android Q(10.0) allows attackers to execute privileged action by hijacking and modifying the intent.