Lucene search
K

761 matches found

OSV
OSV
added 2022/08/12 3:15 p.m.3 views

CVE-2022-20255

In SettingsProvider, there is a possible way to read or change the default ringtone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

4.4CVSS5.9AI score0.00087EPSS
Exploits0References1
OSV
OSV
added 2022/08/12 3:15 p.m.3 views

CVE-2022-20268

In RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of privilege on an enterprise managed device with no additional execution privileges needed. User interaction is not needed...

7.8CVSS5.9AI score0.001EPSS
Exploits0References1
OSV
OSV
added 2022/08/12 3:15 p.m.4 views

CVE-2022-20266

In Companion, there is a possible way to keep a service running with elevated importance without showing foreground service notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed fo...

5CVSS5.9AI score0.00099EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.8 views

CVE-2022-20255

In SettingsProvider, there is a possible way to read or change the default ringtone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

4.4CVSS5.9AI score0.00087EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.9 views

CVE-2022-20265

In Settings, there is a possible way to bypass factory reset permissions due to a permissions bypass. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

4.6CVSS5.9AI score0.0013EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.4 views

CVE-2022-20267

In bluetooth, there is a possible way to enable or disable bluetooth connection without user consent due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

3.3CVSS5.9AI score0.00086EPSS
Exploits0References2
OSV
OSV
added 2022/08/12 3:15 p.m.1 views

CVE-2022-20258

In Bluetooth, there is a possible way to bypass compiler exploit mitigations due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android I...

7.8CVSS5.9AI score0.001EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.11 views

CVE-2022-20261

In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

2.3CVSS5.9AI score0.00093EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.5 views

CVE-2022-20260

In the Phone app, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-220865698...

5.5CVSS6.1AI score0.00098EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.6 views

CVE-2022-20258

In Bluetooth, there is a possible way to bypass compiler exploit mitigations due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android I...

7.8CVSS7.2AI score0.001EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.7 views

CVE-2022-20256

In the Audio HAL, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222572821...

6.4CVSS6.7AI score0.00073EPSS
Exploits0References2
OSV
OSV
added 2022/08/12 3:15 p.m.4 views

CVE-2022-20254

In Wi-Fi, there is a permissions bypass. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-223377547...

8.8CVSS5.9AI score0.00175EPSS
Exploits0References1
OSV
OSV
added 2022/08/12 3:15 p.m.5 views

CVE-2022-20257

In Bluetooth, there is a possible way to pair a display only device without PIN confirmation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

3.3CVSS5.9AI score0.00092EPSS
Exploits0References1
OSV
OSV
added 2022/08/12 3:15 p.m.4 views

CVE-2022-20253

In Bluetooth, there is a possible cleanup failure due to an uncaught exception. This could lead to remote denial of service in Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224545125...

6.5CVSS5.9AI score0.00218EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.4 views

CVE-2022-20257

In Bluetooth, there is a possible way to pair a display only device without PIN confirmation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

3.3CVSS5.9AI score0.00092EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.5 views

CVE-2022-20253

In Bluetooth, there is a possible cleanup failure due to an uncaught exception. This could lead to remote denial of service in Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224545125...

6.5CVSS6.7AI score0.00218EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.7 views

CVE-2022-20254

In Wi-Fi, there is a permissions bypass. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-223377547...

8.8CVSS7.4AI score0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.5 views

CVE-2022-20259

In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-221431393...

5.5CVSS6.1AI score0.00089EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.6 views

CVE-2022-20263

In ActivityManager, there is a way to read process state for other users due to a missing permission check. This could lead to local information disclosure of app usage with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...

5.5CVSS6.1AI score0.00089EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/08/12 3:15 p.m.5 views

CVE-2022-20262

In ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android...

3.3CVSS5.9AI score0.00089EPSS
Exploits0References2
Rows per page
Query Builder