850 matches found
CVE-2022-20361
In btifdmauthcmplevt of btifdm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20358
In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected content of content providers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for...
CVE-2022-20357
In writeToParcel of SurfaceControl.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12...
CVE-2022-20357
The CVE-2022-20357 issue affects Android 12 (and 12L) and relates to writeToParcel in SurfaceControl.cpp, enabling local information disclosure due to uninitialized data. The impact is local information disclosure with no additional execution privileges needed; user interaction is not required. M...
CVE-2022-20354
In onDefaultNetworkChanged of Vpn.java, there is a possible way to disable VPN due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...
CVE-2022-20353
In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20347
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20346
CVE-2022-20346 affects the Android Media Framework, specifically the updateAudioTrackInfoFromESDS_MPEG4Audio path in MPEG4Extractor.cpp. The root cause is an incorrect bounds check that enables an out-of-bounds read, which could lead to remote information disclosure. The description indicates no ...
CVE-2022-20345
CVE-2022-20345 affects Android 12/12L with a vulnerability in the Bluetooth L2C BLE implementation. The issue is a missing bounds check in l2cble_process_sig_cmd (l2c_ble.cc) that can cause an out-of-bounds write, enabling remote code execution over Bluetooth without user interaction. Android bul...
Google Android 输入验证错误漏洞
Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android 11, 12, 12L. An attacker exploiting the vulnerability could lead to local elevation of privilege...
CVE-2022-20219
In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user's directories unencrypted due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is no...
CVE-2022-20220
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid...
CVE-2022-20226
In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12...
CVE-2022-20234
In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both 'mComponentName' and 'pkgTitle' from user.An unprivileged app can use a malicous mComponentName with a benign pkgTitle e.g. Settings app to make users enable...
CVE-2022-20228
In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12...
CVE-2022-20230
In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
CVE-2022-20220
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid...
Input validation
In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12...
Out-of-bounds
In readattrvalue of gattdb.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID...
Out-of-bounds
In btahfclienthandlecindlistitem of btahfclientat.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-1...