Input validation

In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user from selecting a phone account due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for...

Heap overflow

In transportDecOutOfBandConfig of tpdeclib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

Out-of-bounds

In nciprocrfmanagementntf of ncihrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

Design/Logic Flaw

In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12...

Out-of-bounds

In phNciNfcRecvMfResp of phNxpExtnsMifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Input validation

In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Design/Logic Flaw

In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20143

In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-...

CVE-2022-20135

In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12...

CVE-2022-20131

In nciprocrfmanagementntf of ncihrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

CVE-2022-20131

CVE-2022-20131 affects Android (10–12/12L) with a root cause in nci_proc_rf_management_ntf of nci_hrcv.cc, causing an out-of-bounds read that can disclose information remotely without user interaction. The issue is linked to the Android RF management notification path and is mapped to a System/ID...

CVE-2022-20126

In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product...

CVE-2022-20125

In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...

PT-2022-14430 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12L Description: In the getAppSize function of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution...

PT-2022-14433 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android version Android-12L Description: In the registerRemoteBugreportReceivers function of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local...

PT-2022-14435 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android version Android-12L Description: In the setPackageOrComponentEnabled function of NotificationManagerService.java, a missing permission check could lead to local information disclosure about enabled notification listeners. This issue...

PT-2022-14429 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12L Description: The issue is related to a possible leak of hotspot state due to a missing permission check in the updateApState function of SoftApManager.java. This could lead to local information disclosure with no...

CVE-2021-39738

In CarSetings, there is a possible to pair BT device bypassing user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

Design/Logic Flaw

In CarSetings, there is a possible to pair BT device bypassing user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

CVE-2022-20006

In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no additional execution privileges needed. User...