Total
6931 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20336 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In Settings, there is a possible installed application disclosure due to a missing permission check. This could lead to local information disclosure of applications allow-listed to use the network during VPN lockdown mode with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-177239688
|
|||||
| CVE-2022-20335 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been disabled due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-178014725
|
|||||
| CVE-2022-20330 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.5 LOW |
|
In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user awareness due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-181962588
|
|||||
| CVE-2022-20329 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In Wifi, there is a possible way to enable Wifi without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-183410556
|
|||||
| CVE-2022-20328 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In PackageManager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-184948501
|
|||||
| CVE-2022-20327 | 1 Google | 1 Android | 2024-11-21 | N/A | 2.8 LOW |
|
In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185126813
|
|||||
| CVE-2022-20326 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Telephony, there is a possible disclosure of SIM identifiers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185235527
|
|||||
| CVE-2022-20323 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In PackageManager, there is a possible package installation disclosure due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176203
|
|||||
| CVE-2022-20322 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In PackageManager, there is a possible installed package disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176993
|
|||||
| CVE-2022-20321 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In Settings, there is a possible way for an application without permissions to read content of WiFi QR codes due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176859
|
|||||
| CVE-2022-20315 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In ActivityManager, there is a possible disclosure of installed packages due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-191058227
|
|||||
| CVE-2022-20312 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to missing permission check. This could lead to local information disclosure without additional execution privileges needed. User interaction is not needed forexploitationProduct: AndroidVersions: Android-13Android ID: A-192244925
|
|||||
| CVE-2022-20311 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192663553
|
|||||
| CVE-2022-20310 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192663798
|
|||||
| CVE-2022-20305 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In ContentService, there is a possible disclosure of available account types due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199751623
|
|||||
| CVE-2022-20303 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In ContentService, there is a possible way to determine if an account is on the device without GET_ACCOUNTS permission due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-200573021
|
|||||
| CVE-2022-20301 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Content, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-200956614
|
|||||
| CVE-2022-20300 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Content, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-200956588
|
|||||
| CVE-2022-20299 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In ContentService, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201415895
|
|||||
| CVE-2022-20298 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201416182
|
|||||
| CVE-2022-20296 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201794303
|
|||||
| CVE-2022-20295 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-202160584
|
|||||
| CVE-2022-20294 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Content, there is a possible way to learn about an account present on the device due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-202160705
|
|||||
| CVE-2022-20284 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of phone accounts with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231986341
|
|||||
| CVE-2022-20282 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In AppWidget, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-204083104
|
|||||
| CVE-2022-20281 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In Core, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-204083967
|
|||||
| CVE-2022-20274 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In Keyguard, there is a missing permission check. This could lead to local escalation of privilege and prevention of screen timeout with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-206470146
|
|||||
| CVE-2022-20267 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In bluetooth, there is a possible way to enable or disable bluetooth connection without user consent due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-211646835
|
|||||
| CVE-2022-20263 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In ActivityManager, there is a way to read process state for other users due to a missing permission check. This could lead to local information disclosure of app usage with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-217935264
|
|||||
| CVE-2022-20262 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
In ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218338453
|
|||||
| CVE-2022-20261 | 1 Google | 1 Android | 2024-11-21 | N/A | 2.3 LOW |
|
In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-219835125
|
|||||
| CVE-2022-20259 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-221431393
|
|||||
| CVE-2022-20255 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In SettingsProvider, there is a possible way to read or change the default ringtone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222687217
|
|||||
| CVE-2022-20225 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-213457638
|
|||||
| CVE-2022-20206 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220737634
|
|||||
| CVE-2022-20204 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-171495100
|
|||||
| CVE-2022-20200 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212695058
|
|||||
| CVE-2022-20182 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
In handle_ramdump of pixel_loader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222348453References: N/A
|
|||||
| CVE-2022-20172 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206987222References: N/A
|
|||||
| CVE-2022-20138 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-210469972
|
|||||