Total
8912 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30717 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 4.0 MEDIUM |
|
Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink.
|
|||||
| CVE-2022-30716 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 4.0 MEDIUM |
|
Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 allows untrusted applications to access toast message information from device.
|
|||||
| CVE-2022-30715 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 4.0 MEDIUM |
|
Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.
|
|||||
| CVE-2022-30714 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 1.9 LOW |
|
Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.
|
|||||
| CVE-2022-30713 | 1 Google | 1 Android | 2024-11-21 | 9.4 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-30712 | 1 Google | 1 Android | 2024-11-21 | 6.4 MEDIUM | 8.5 HIGH |
|
Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-30711 | 1 Google | 1 Android | 2024-11-21 | 9.4 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-30710 | 1 Google | 1 Android | 2024-11-21 | 9.4 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-30709 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 2.5 LOW |
|
Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
|
|||||
| CVE-2022-2623 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2611 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
|||||
| CVE-2022-2479 | 1 Google | 2 Android, Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page.
|
|||||
| CVE-2022-28794 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 2.2 LOW |
|
Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.
|
|||||
| CVE-2022-28788 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
|
Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.
|
|||||
| CVE-2022-28787 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
|
Improper buffer size check logic in wmfextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.
|
|||||
| CVE-2022-28786 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
|
Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.
|
|||||
| CVE-2022-28785 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
|
Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.
|
|||||
| CVE-2022-28784 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
|
Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic.
|
|||||
| CVE-2022-28783 | 1 Google | 1 Android | 2024-11-21 | 3.6 LOW | 6.2 MEDIUM |
|
Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission. The patch adds proper validation logic for removing package name.
|
|||||
| CVE-2022-28782 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
|
Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability.
|
|||||
| CVE-2022-28781 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.7 HIGH |
|
Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. The patch adds proper validation logic to check the caller.
|
|||||
| CVE-2022-28780 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.0 MEDIUM |
|
Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attackers can access location information that set in Weather without permission. The patch adds proper protection to prevent access to location information.
|
|||||
| CVE-2022-28605 | 3 Apple, Google, Linkplay | 3 Iphone Os, Android, Sound Bar | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory
|
|||||
| CVE-2022-27837 | 2 Google, Samsung | 2 Android, Accessibility | 2024-11-21 | 9.3 HIGH | 4.4 MEDIUM |
|
A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege.
|
|||||
| CVE-2022-27836 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
Improper access control and path traversal vulnerability in Storage Manager and Storage Manager Service prior to SMR Apr-2022 Release 1 allow local attackers to access arbitrary system files without a proper permission. The patch adds proper validation logic to prevent arbitrary files access.
|
|||||
| CVE-2022-27835 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.6 HIGH |
|
Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write.
|
|||||
| CVE-2022-27834 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 4.4 MEDIUM | 2.9 LOW |
|
Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions.
|
|||||
| CVE-2022-27833 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 4.6 MEDIUM | 4.4 MEDIUM |
|
Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow.
|
|||||
| CVE-2022-27832 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
|
Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.
|
|||||
| CVE-2022-27831 | 1 Google | 1 Android | 2024-11-21 | 3.6 LOW | 2.9 LOW |
|
Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allows attackers to read out of bounds memory.
|
|||||
| CVE-2022-27830 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-27829 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-27828 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-27827 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-27826 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-27825 | 1 Google | 1 Android | 2024-11-21 | 5.8 MEDIUM | 4.0 MEDIUM |
|
Improper size check in sapefd_parse_meta_HEADER function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.
|
|||||
| CVE-2022-27824 | 1 Google | 1 Android | 2024-11-21 | 5.8 MEDIUM | 4.0 MEDIUM |
|
Improper size check of in sapefd_parse_meta_DESCRIPTION function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file
|
|||||
| CVE-2022-27823 | 1 Google | 1 Android | 2024-11-21 | 5.8 MEDIUM | 4.0 MEDIUM |
|
Improper size check in sapefd_parse_meta_HEADER_old function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.
|
|||||
| CVE-2022-27822 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 6.6 MEDIUM |
|
Information exposure vulnerability in ril property setting prior to SMR April-2022 Release 1 allows access to EF_RUIMID value without permission.
|
|||||
| CVE-2022-27821 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 4.0 MEDIUM |
|
Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via crafted image file.
|
|||||