Total
7912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33695 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 5.1 MEDIUM |
| Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service. | |||||
| CVE-2022-33694 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. | |||||
| CVE-2022-33693 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 2.0 LOW |
| Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | |||||
| CVE-2022-33692 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. | |||||
| CVE-2022-33691 | 2 Google, Samsung | 2 Android, Exynos 9820 | 2024-11-21 | 1.9 LOW | 6.2 MEDIUM |
| A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. | |||||
| CVE-2022-33690 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file. | |||||
| CVE-2022-33689 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
| Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. | |||||
| CVE-2022-33688 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. | |||||
| CVE-2022-33687 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log. | |||||
| CVE-2022-33686 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 2.3 LOW |
| Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | |||||
| CVE-2022-33685 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information. | |||||
| CVE-2022-32653 | 2 Google, Mediatek | 6 Android, Mt6789, Mt6855 and 3 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262518; Issue ID: ALPS07262518. | |||||
| CVE-2022-32652 | 2 Google, Mediatek | 6 Android, Mt6833, Mt6853 and 3 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262617; Issue ID: ALPS07262617. | |||||
| CVE-2022-32651 | 2 Google, Mediatek | 3 Android, Mt6879, Mt6983 | 2024-11-21 | N/A | 6.7 MEDIUM |
| In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225857; Issue ID: ALPS07225857. | |||||
| CVE-2022-32650 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In mtk-isp, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225853; Issue ID: ALPS07225853. | |||||
| CVE-2022-32649 | 2 Google, Mediatek | 3 Android, Mt6895, Mt6983 | 2024-11-21 | N/A | 6.7 MEDIUM |
| In jpeg, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225840; Issue ID: ALPS07225840. | |||||
| CVE-2022-32648 | 2 Google, Mediatek | 14 Android, Mt6735, Mt6737 and 11 more | 2024-11-21 | N/A | 6.4 MEDIUM |
| In disp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535964; Issue ID: ALPS06535964. | |||||
| CVE-2022-32647 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In ccu, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554646; Issue ID: ALPS07554646. | |||||
| CVE-2022-32646 | 2 Google, Mediatek | 24 Android, Mt6761, Mt6765 and 21 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In gpu drm, there is a possible stack overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363501; Issue ID: ALPS07363501. | |||||
| CVE-2022-32645 | 2 Google, Mediatek | 19 Android, Mt6789, Mt6833 and 16 more | 2024-11-21 | N/A | 4.1 MEDIUM |
| In vow, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494477; Issue ID: ALPS07494477. | |||||