
1662 matches found

Vulnrichment
added 2022/09/13 7:14 p.m. · 3 views

CVE-2022-20392

In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrade with no additional execution privileges...

AI score: 7.7 · EPSS: 0.00102
Exploits: 0 · References: 1
CNNVD
added 2022/09/06 12:0 a.m. · 3 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...

CVSS: 9.8 · AI score: 8.2 · EPSS: 0.00429
Exploits: 0 · References: 4
Android Security Bulletins
added 2022/09/06 12:0 a.m. · 102 views

Android Security Bulletin—September 2022

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2022-09-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...

CVSS: 9.8 · AI score: 5.4 · EPSS: 0.04829
Exploits: 3
The Hacker News
added 2022/08/17 1:59 p.m. · 41 views

Cybercriminals Developing BugDrop Malware to Bypass Android Security Features

In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that's currently in development. "This new malware tries to abuse devices using a novel technique, not seen before...

AI score: 0.5
Exploits: 0
ATTACKERKB
added 2022/08/12 3:15 p.m. · 4 views

CVE-2022-20342

In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID...

CVSS: 3.3 · AI score: 5.9 · EPSS: 0.00094
Exploits: 0 · References: 2
Prion
added 2022/08/12 3:15 p.m. · 15 views

Out-of-bounds

In Bluetooth, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-209062898...

CVSS: 4.7 · AI score: 7.2 · EPSS: 0.00165
Exploits: 0 · References: 1 · Affected Software: 1
CNNVD
added 2022/08/12 12:0 a.m. · 3 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android 13. An attacker exploited the vulnerability to escalate local privileges and enable working profiles...

CVSS: 7.8 · AI score: 7.4 · EPSS: 0.00108
Exploits: 0 · References: 2
CNNVD
added 2022/08/12 12:0 a.m. · 2 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in the Google Android Content component that stems from a privilege bypass with a possible way to learn the name of a gmail account on a device...

CVSS: 5.5 · AI score: 5.8 · EPSS: 0.00096
Exploits: 0 · References: 2
CNNVD
added 2022/08/12 12:0 a.m. · 4 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in the Google Android bluetooth component, which stems from a lack of privilege checking, with a possible method to enable or disable bluetooth connectivity without...

CVSS: 3.3 · AI score: 5.1 · EPSS: 0.00086
Exploits: 0 · References: 2
CVE
added 2022/08/11 3:24 p.m. · 47 views

CVE-2022-20312

In Android 13, the WifiP2pManager can leak the device’s WiFi P2P MAC address without user consent due to a missing permission check. This enables local information disclosure with a Local attack vector and no user interaction required. Affected component: WifiP2pManager in Android 13. Root cause:...

CVSS: 5.5 · AI score: 5.5 · EPSS: 0.00089
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2022/08/11 3:22 p.m. · 57 views

CVE-2022-20306

CVE-2022-20306 affects Android 13 via the Camera Provider HAL. The issue is a memory corruption due to a use-after-free in the Camera Provider HAL, enabling local elevation of privileges with SYSTEM rights and no user interaction required. The vulnerability impact is described as local EoP with h...

CVSS: 6.7 · AI score: 7 · EPSS: 0.00099
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2022/08/11 3:20 p.m. · 58 views

CVE-2022-20298

CVE-2022-20298 affects Android 13 ContentService. The issue stems from a missing permission check in ContentService, enabling an attacker to determine whether an account exists on the device and potentially disclose local information. Exploitation is local and does not require user interaction, w...

CVSS: 5.5 · AI score: 5.5 · EPSS: 0.00089
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2022/08/11 12:0 a.m. · 3 views

PT-2022-14564 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13
Description: The issue is related to an insecure SEpolicy configuration in Android, which could lead to local information disclosure of network topography. No additional execution privileges are needed for...

CVSS: 3.3 · AI score: 3.6 · EPSS: 0.00094
Exploits: 0 · References: 3
Positive Technologies
added 2022/08/11 12:0 a.m. · 3 views

PT-2022-14528 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13
Description: The issue allows for a sandbox escape in the Settings, potentially bypassing factory reset protections. This could lead to local escalation of privilege if an attacker has physical access to the device...

CVSS: 7.6 · AI score: 7.5 · EPSS: 0.00153
Exploits: 0 · References: 3
Positive Technologies
added 2022/08/09 12:0 a.m. · 2 views

PT-2022-14582 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-12L
Description: The issue is related to improper input validation in the shouldAllowFgsWhileInUsePermissionLocked function of ActiveServices.java. This could allow starting a foreground service fro...

CVSS: 7.8 · AI score: 7.5 · EPSS: 0.00106
Exploits: 0 · References: 3
CNNVD
added 2022/08/01 12:0 a.m. · 3 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google. A security vulnerability exists in Google Android Open Source Project AOSP, which stems from an attacker exploiting information leakage to potentially enable further attacks. The following versions are affected: AOSP versio...

CVSS: 7.1 · AI score: 5 · EPSS: 0.00179
Exploits: 0 · References: 3
CNNVD
added 2022/08/01 12:0 a.m. · 2 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google, Inc. Google Android suffers from a security vulnerability that originates from a vulnerability in the PowerVR-GPU component of Imagination Technologies...

CVSS: 5.5 · AI score: 5.8 · EPSS: 0.00093
Exploits: 0 · References: 3
ATTACKERKB
added 2022/07/13 7:15 p.m. · 3 views

CVE-2022-20234

In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both 'mComponentName' and 'pkgTitle' from user. An unprivileged app can use a malicious mComponentName with a benign pkgTitle e.g. Settings app to make users enable...

CVSS: 7.5 · AI score: 7.1 · EPSS: 0.00309
Exploits: 0 · References: 2
NVD
added 2022/07/13 7:15 p.m. · 13 views

CVE-2022-20226

In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-12...

CVSS: 3.9 · EPSS: 0.00096
Exploits: 0 · References: 1
CNNVD
added 2022/07/12 12:0 a.m. · 4 views

SAMSUNG Mobile devices KnoxSDK Input Validation Error Vulnerability

Samsung KnoxSDK is an open source Android platform-based security solution from Samsung in South Korea that can enhance security across the board through a combination of physical means and software systems, while being perfectly compatible with the Android and Google ecosystems, bringing...

CVSS: 8.5 · AI score: 5.5 · EPSS: 0.00102
Exploits: 0 · References: 2