Total
7761 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-0368 | 1 Google | 1 Android | 2022-08-06 | 2.1 LOW | 3.3 LOW |
| In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. This could lead to local information disclosure of voicemail metadata with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143230980 | |||||
| CVE-2022-26430 | 3 Google, Mediatek, Yoctoproject | 25 Android, Mt6833, Mt6853 and 22 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521. | |||||
| CVE-2022-26435 | 3 Google, Mediatek, Yoctoproject | 32 Android, Mt6833, Mt6853 and 29 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435. | |||||
| CVE-2022-26432 | 3 Google, Mediatek, Yoctoproject | 25 Android, Mt6833, Mt6853 and 22 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542. | |||||
| CVE-2022-26433 | 3 Google, Mediatek, Yoctoproject | 32 Android, Mt6833, Mt6853 and 29 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138400; Issue ID: ALPS07138400. | |||||
| CVE-2022-26431 | 3 Google, Mediatek, Yoctoproject | 25 Android, Mt6833, Mt6853 and 22 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032553; Issue ID: ALPS07032553. | |||||
| CVE-2022-26434 | 3 Google, Mediatek, Yoctoproject | 32 Android, Mt6833, Mt6853 and 29 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450. | |||||
| CVE-2022-26436 | 2 Google, Mediatek | 5 Android, Mt6855, Mt6879 and 2 more | 2022-08-05 | N/A | 4.4 MEDIUM |
| In emi mpu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07023666; Issue ID: ALPS07023666. | |||||
| CVE-2022-26428 | 2 Google, Mediatek | 12 Android, Mt6739, Mt6761 and 9 more | 2022-08-05 | N/A | 6.4 MEDIUM |
| In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260. | |||||
| CVE-2022-26427 | 2 Google, Mediatek | 6 Android, Mt6833, Mt6853 and 3 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540. | |||||
| CVE-2022-26426 | 2 Google, Mediatek | 22 Android, Mt6833, Mt6853 and 19 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486. | |||||
| CVE-2022-21792 | 2 Google, Mediatek | 11 Android, Mt6833, Mt6853 and 8 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410. | |||||
| CVE-2022-21791 | 2 Google, Mediatek | 7 Android, Mt6833, Mt6853 and 4 more | 2022-08-05 | N/A | 4.4 MEDIUM |
| In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478059; Issue ID: ALPS06478059. | |||||
| CVE-2022-21790 | 2 Google, Mediatek | 6 Android, Mt6833, Mt6853 and 3 more | 2022-08-05 | N/A | 4.4 MEDIUM |
| In camera isp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479306; Issue ID: ALPS06479306. | |||||
| CVE-2022-21789 | 2 Google, Mediatek | 21 Android, Mt6779, Mt6781 and 18 more | 2022-08-05 | N/A | 6.4 MEDIUM |
| In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101. | |||||
| CVE-2022-21788 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In scp, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06988728; Issue ID: ALPS06988728. | |||||
| CVE-2021-25490 | 1 Google | 1 Android | 2022-08-01 | 3.6 LOW | 6.0 MEDIUM |
| A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process. | |||||
| CVE-2021-25500 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2022-08-01 | 2.1 LOW | 4.4 MEDIUM |
| A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise. | |||||
| CVE-2021-25515 | 1 Google | 1 Android | 2022-08-01 | 2.1 LOW | 3.3 LOW |
| An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID. | |||||
| CVE-2021-25444 | 1 Google | 1 Android | 2022-08-01 | 2.1 LOW | 5.5 MEDIUM |
| An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process. | |||||