Total
7761 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-39852 | 1 Google | 1 Android | 2022-10-11 | N/A | 7.8 HIGH |
| A heap-based overflow vulnerability in makeContactAGIF in libagifencoder.quram.so library prior to SMR Oct-2022 Release 1 allows attacker to perform code execution. | |||||
| CVE-2022-39853 | 2 Google, Qualcomm | 3 Android, Sm8150, Sm8250 | 2022-10-11 | N/A | 7.8 HIGH |
| A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2022-39849 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | |||||
| CVE-2022-39850 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | |||||
| CVE-2022-39848 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log. | |||||
| CVE-2022-39854 | 2 Google, Samsung | 2 Android, Exynos | 2022-10-08 | N/A | 7.8 HIGH |
| Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory. | |||||
| CVE-2022-39856 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information. | |||||
| CVE-2020-11875 | 1 Google | 1 Android | 2022-10-05 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK chipsets) software. The MTK kernel does not properly implement exception handling, allowing an attacker to gain privileges. The LG ID is LVE-SMP-200001 (February 2020). | |||||
| CVE-2022-0804 | 4 Apple, Google, Linux and 1 more | 5 Macos, Android, Chrome and 2 more | 2022-09-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2022-0802 | 4 Apple, Google, Linux and 1 more | 5 Macos, Android, Chrome and 2 more | 2022-09-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2021-39714 | 1 Google | 1 Android | 2022-09-28 | 4.6 MEDIUM | 7.8 HIGH |
| In ion_buffer_kmap_get of ion.c, there is a possible use-after-free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205573273References: Upstream kernel | |||||
| CVE-2021-25472 | 1 Google | 1 Android | 2022-09-23 | 2.1 LOW | 3.3 LOW |
| An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information. | |||||
| CVE-2021-25518 | 1 Google | 1 Android | 2022-09-23 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25489 | 2 Google, Samsung | 2 Android, Exynos | 2022-09-23 | 4.9 MEDIUM | 5.5 MEDIUM |
| Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic. | |||||
| CVE-2021-25340 | 1 Google | 1 Android | 2022-09-23 | 2.1 LOW | 2.4 LOW |
| Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State. | |||||
| CVE-2021-25351 | 2 Google, Samsung | 2 Android, Account | 2022-09-23 | 2.1 LOW | 2.4 LOW |
| Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password. | |||||
| CVE-2021-25360 | 1 Google | 1 Android | 2022-09-23 | 7.5 HIGH | 9.8 CRITICAL |
| An improper input validation vulnerability in libswmfextractor library prior to SMR APR-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | |||||
| CVE-2021-25361 | 1 Google | 1 Android | 2022-09-23 | 7.2 HIGH | 8.8 HIGH |
| An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications. | |||||
| CVE-2021-25383 | 1 Google | 1 Android | 2022-09-23 | 7.5 HIGH | 9.8 CRITICAL |
| An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | |||||
| CVE-2021-25385 | 1 Google | 1 Android | 2022-09-23 | 7.5 HIGH | 9.8 CRITICAL |
| An improper input validation vulnerability in sdfffd_parse_chunk_PROP() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | |||||