Total
8912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-39900 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.6 MEDIUM |
|
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.
|
|||||
| CVE-2022-39899 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.7 MEDIUM |
|
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.
|
|||||
| CVE-2022-39898 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.
|
|||||
| CVE-2022-39897 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.
|
|||||
| CVE-2022-39896 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
|
|||||
| CVE-2022-39895 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.
|
|||||
| CVE-2022-39894 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
|
|||||
| CVE-2022-39887 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.
|
|||||
| CVE-2022-39886 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.
|
|||||
| CVE-2022-39885 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information.
|
|||||
| CVE-2022-39884 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.
|
|||||
| CVE-2022-39883 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.
|
|||||
| CVE-2022-39882 | 1 Google | 1 Android | 2024-11-21 | N/A | 8.0 HIGH |
|
Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary code.
|
|||||
| CVE-2022-39880 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.1 HIGH |
|
Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code execution.
|
|||||
| CVE-2022-39879 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.
|
|||||
| CVE-2022-39877 | 2 Google, Samsung | 2 Android, Group Sharing | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.
|
|||||
| CVE-2022-39862 | 2 Google, Samsung | 2 Android, Dynamic Lockscreen | 2024-11-21 | N/A | 5.3 MEDIUM |
|
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api.
|
|||||
| CVE-2022-39856 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information.
|
|||||
| CVE-2022-39855 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.1 MEDIUM |
|
Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices.
|
|||||
| CVE-2022-39854 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | N/A | 6.4 MEDIUM |
|
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory.
|
|||||
| CVE-2022-39853 | 2 Google, Qualcomm | 3 Android, Sm8150, Sm8250 | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-39852 | 1 Google | 1 Android | 2024-11-21 | N/A | 8.0 HIGH |
|
A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution.
|
|||||
| CVE-2022-39851 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission.
|
|||||
| CVE-2022-39850 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
|
|||||
| CVE-2022-39849 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
|
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
|
|||||
| CVE-2022-39848 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log.
|
|||||
| CVE-2022-39847 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.9 MEDIUM |
|
Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions.
|
|||||
| CVE-2022-39119 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 7.8 HIGH |
|
In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
|
|||||
| CVE-2022-38685 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In bluetooth service, there is a possible missing permission check. This could lead to local denial of service in bluetooth service with no additional execution privileges needed.
|
|||||
| CVE-2022-38671 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
|
|||||
| CVE-2022-36868 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device.
|
|||||
| CVE-2022-36866 | 2 Google, Samsung | 2 Android, Group Sharing | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device.
|
|||||
| CVE-2022-36865 | 2 Google, Samsung | 2 Android, Group Sharing | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information.
|
|||||
| CVE-2022-36863 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36862 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36861 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege.
|
|||||
| CVE-2022-36860 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36858 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
|
|||||
| CVE-2022-36857 | 2 Google, Samsung | 2 Android, Photo Editor | 2024-11-21 | N/A | 1.9 LOW |
|
Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.
|
|||||
| CVE-2022-36856 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.0 MEDIUM |
|
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission.
|
|||||