Filtered by vendor Google
Subscribe
Total
13189 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21747 | 2 Google, Mediatek | 23 Android, Mt6771, Mt6779 and 20 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478078; Issue ID: ALPS06478078. | |||||
| CVE-2022-21746 | 2 Google, Mediatek | 17 Android, Mt6771, Mt6779 and 14 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479698; Issue ID: ALPS06479698. | |||||
| CVE-2022-21745 | 2 Google, Mediatek | 44 Android, Mt6761, Mt6762 and 41 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| In WIFI Firmware, there is a possible memory corruption due to a use after free. This could lead to remote escalation of privilege, when devices are connecting to the attacker-controllable Wi-Fi hotspot, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06468872; Issue ID: ALPS06468872. | |||||
| CVE-2022-21743 | 2 Google, Mediatek | 53 Android, Mt6580, Mt6735 and 50 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In ion, there is a possible use after free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06371108; Issue ID: ALPS06371108. | |||||
| CVE-2022-21732 | 1 Google | 1 Tensorflow | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of `ThreadPoolHandle` can be used to trigger a denial of service attack by allocating too much memory. This is because the `num_threads` argument is only checked to not be negative, but there is no upper bound on its value. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | |||||
| CVE-2022-20600 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239847859References: N/A | |||||
| CVE-2022-20599 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
| In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332706References: N/A | |||||
| CVE-2022-20598 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242357514References: N/A | |||||
| CVE-2022-20597 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243480506References: N/A | |||||
| CVE-2022-20596 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
| In sendChunk of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700400References: N/A | |||||
| CVE-2022-20595 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
| In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700137References: N/A | |||||
| CVE-2022-20594 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
| In updateStart of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239567689References: N/A | |||||
| CVE-2022-20531 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Telecom, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2022-20443 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194480991 | |||||
| CVE-2022-20440 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259918 | |||||
| CVE-2022-20439 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized provider, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242266172 | |||||
| CVE-2022-20438 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242259920 | |||||
| CVE-2022-20437 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Messaging, There has unauthorized broadcast, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242258929 | |||||
| CVE-2022-20436 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| There is an unauthorized service in the system service. Since the component does not have permission check, resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242248369 | |||||
| CVE-2022-20435 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| There is a Unauthorized service in the system service, may cause the system reboot. Since the component does not have permission check and permission protection, resulting in EoP problem.Product: AndroidVersions: Android SoCAndroid ID: A-242248367 | |||||