Total
7912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22285 | 2 Google, Samsung | 2 Android, Reminder | 2024-11-21 | 3.6 LOW | 4.4 MEDIUM |
| A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and 12.3.02.1000 in Android S(12.0) allows attackers to execute privileged action by hijacking and modifying the intent. | |||||
| CVE-2022-22272 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission | |||||
| CVE-2022-22271 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1 allows attackers to copy data from arbitrary memory. | |||||
| CVE-2022-22270 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 4.4 MEDIUM |
| An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information. | |||||
| CVE-2022-22269 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address. | |||||
| CVE-2022-22268 | 1 Google | 1 Android | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode. | |||||
| CVE-2022-22267 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information. | |||||
| CVE-2022-22266 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| (Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission. | |||||
| CVE-2022-22265 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 4.6 MEDIUM | 5.0 MEDIUM |
| An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2022-22264 | 1 Google | 1 Android | 2024-11-21 | 3.6 LOW | 7.7 HIGH |
| Improper sanitization of incoming intent in Dressroom prior to SMR Jan-2022 Release 1 allows local attackers to read and write arbitrary files without permission. | |||||
| CVE-2022-22263 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity. | |||||
| CVE-2022-21792 | 2 Google, Mediatek | 11 Android, Mt6833, Mt6853 and 8 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410. | |||||
| CVE-2022-21791 | 2 Google, Mediatek | 7 Android, Mt6833, Mt6853 and 4 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478059; Issue ID: ALPS06478059. | |||||
| CVE-2022-21790 | 2 Google, Mediatek | 6 Android, Mt6833, Mt6853 and 3 more | 2024-11-21 | N/A | 4.4 MEDIUM |
| In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479306; Issue ID: ALPS06479306. | |||||
| CVE-2022-21789 | 2 Google, Mediatek | 21 Android, Mt6779, Mt6781 and 18 more | 2024-11-21 | N/A | 6.4 MEDIUM |
| In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101. | |||||
| CVE-2022-21788 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In scp, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06988728; Issue ID: ALPS06988728. | |||||
| CVE-2022-21787 | 2 Google, Mediatek | 13 Android, Mt6833, Mt6853 and 10 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In audio DSP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558844; Issue ID: ALPS06558844. | |||||
| CVE-2022-21786 | 2 Google, Mediatek | 13 Android, Mt6833, Mt6853 and 10 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In audio DSP, there is a possible memory corruption due to improper casting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558822; Issue ID: ALPS06558822. | |||||
| CVE-2022-21785 | 2 Google, Mediatek | 22 Android, Mt6877, Mt6983 and 19 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06807363; Issue ID: ALPS06807363. | |||||
| CVE-2022-21784 | 2 Google, Mediatek | 33 Android, Mt6761, Mt6779 and 30 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06704526; Issue ID: ALPS06704462. | |||||