Total
7761 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33698 | 1 Google | 1 Android | 2022-07-16 | 2.1 LOW | 3.3 LOW |
| Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log. | |||||
| CVE-2022-33699 | 1 Google | 1 Android | 2022-07-16 | 2.1 LOW | 2.3 LOW |
| Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | |||||
| CVE-2022-33700 | 1 Google | 1 Android | 2022-07-16 | 2.1 LOW | 2.3 LOW |
| Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | |||||
| CVE-2022-33703 | 1 Google | 1 Android | 2022-07-16 | 4.6 MEDIUM | 7.8 HIGH |
| Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. | |||||
| CVE-2022-33704 | 1 Google | 1 Android | 2022-07-16 | 4.6 MEDIUM | 7.8 HIGH |
| Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. | |||||
| CVE-2022-33695 | 1 Google | 1 Android | 2022-07-15 | 4.6 MEDIUM | 7.8 HIGH |
| Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service. | |||||
| CVE-2022-33694 | 1 Google | 1 Android | 2022-07-15 | 2.1 LOW | 3.3 LOW |
| Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. | |||||
| CVE-2022-33693 | 1 Google | 1 Android | 2022-07-15 | 2.1 LOW | 2.3 LOW |
| Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | |||||
| CVE-2022-21787 | 2 Google, Mediatek | 13 Android, Mt6833, Mt6853 and 10 more | 2022-07-14 | 4.6 MEDIUM | 6.7 MEDIUM |
| In audio DSP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558844; Issue ID: ALPS06558844. | |||||
| CVE-2021-25501 | 1 Google | 1 Android | 2022-07-14 | 2.1 LOW | 3.3 LOW |
| An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers. | |||||
| CVE-2021-25431 | 2 Google, Samsung | 2 Android, Cameralyzer | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer. | |||||
| CVE-2021-25417 | 1 Google | 1 Android | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage. | |||||
| CVE-2021-25412 | 1 Google | 1 Android | 2022-07-14 | 7.2 HIGH | 7.8 HIGH |
| An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications. | |||||
| CVE-2021-25374 | 2 Google, Samsung | 2 Android, Members | 2022-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | |||||
| CVE-2021-25369 | 1 Google | 1 Android | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
| An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace. | |||||
| CVE-2021-25337 | 1 Google | 1 Android | 2022-07-14 | 5.8 MEDIUM | 7.1 HIGH |
| Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files. | |||||
| CVE-2021-25336 | 1 Google | 1 Android | 2022-07-14 | 4.3 MEDIUM | 3.3 LOW |
| Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent. | |||||
| CVE-2022-21764 | 2 Google, Mediatek | 45 Android, Mt6739, Mt6761 and 42 more | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
| In telecom service, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07044717; Issue ID: ALPS07044717. | |||||
| CVE-2022-21763 | 2 Google, Mediatek | 45 Android, Mt6739, Mt6761 and 42 more | 2022-07-14 | 2.1 LOW | 5.5 MEDIUM |
| In telecom service, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07044717; Issue ID: ALPS07044708. | |||||
| CVE-2022-21770 | 2 Google, Mediatek | 10 Android, Mt6781, Mt6877 and 7 more | 2022-07-14 | 4.6 MEDIUM | 6.7 MEDIUM |
| In sound driver, there is a possible information disclosure due to symlink following. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558663; Issue ID: ALPS06558663. | |||||