CVE-2022-20486

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20611

In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-20485

In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

Improper access control

Improper access control vulnerability in Calendar prior to versions 11.6.08.0 in Android Q10, 12.2.11.3000 in Android R11, 12.3.07.2000 in Android S12, and 12.4.02.0 in Android T13 allows attackers to access sensitive information via implicit intent...

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. Also fixed vulnerabilities in closed-source parts of Android that are developed by third parties, such as Qualcomm and Mediatek. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that lead to the following...

CVE-2022-20448

In buzzBeepBlinkLocked of NotificationManagerService.java, there is a possible way to share data across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20445

In processservicesearchrsp of sdpdiscovery.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20414

In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Vulnerabilities fixed in Google Android and Samsung Devices

Google has fixed several vulnerabilities in Google Android. A malicious party can exploit the vulnerabilities to cause the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to sensitive data Access to system data...

CVE-2022-20388

Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227323...

Vulnerabilities fixed in Android

Google has fixed vulnerabilities in the Android operating system. A malicious person could exploit them to cause the following categories of damage: Remote code execution Administrator/Root privileges Access to sensitive data Access to system data Increased user privileges To exploit the...

PT-2022-14464 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure wi...

PT-2022-14465 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In Core Utilities, there is a possible log information disclosure. This could lead to local information disclosure of sensitive browsing data with System execution privileges needed. User interaction i...

Vulnerabilities fixed in Android

Google has fixed vulnerabilities in Android. Samsung has fixed these vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights...

Vulnerabilities fixed in Google Android and Samsung Mobile

Google has fixed vulnerabilities in Android. In addition to the vulnerabilities fixed by Google fixed vulnerabilities, Samsung itself has fixed 41 other vulnerabilities fixed in Samsung Mobile. The vulnerabilities potentially enable a malicious person to carry out attacks that lead to the followi...

Vulnerabilities fixed in Google Android and Samsung Mobile (Android)

Google has fixed several vulnerabilities in Android. In addition to the vulnerabilities fixed by Google, Samsung has also fixed 21 additional vulnerabilities fixed specifically for Samsung Mobile hardware. A malicious party could potentially exploit them to cause the following categories of damag...

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from the U.S. company Google Google. Google Android has security vulnerabilities that can be exploited by attackers to escalate privileges...

Vulnerabilities fixed in Google Android

Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges The vulnerability with attribute...

Vulnerabilities fixed in Google Android

Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges The vulnerability with attribute...

PT-2021-13386 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-11 Android version Android-12 Description: The issue is related to improper input validation in the enqueueNotificationInternal method of NotificationManagerService.java. This could allow a foregrou...