Filtered by vendor Google
Subscribe
Total
11915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20585 | 1 Google | 1 Android | 2022-12-21 | N/A | 7.8 HIGH |
| In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238716781References: N/A | |||||
| CVE-2022-20584 | 1 Google | 1 Android | 2022-12-21 | N/A | 7.8 HIGH |
| In page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238366009References: N/A | |||||
| CVE-2022-20583 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in S-EL1 with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234859169References: N/A | |||||
| CVE-2022-20582 | 1 Google | 1 Android | 2022-12-21 | N/A | 7.8 HIGH |
| In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-233645166References: N/A | |||||
| CVE-2022-20564 | 1 Google | 1 Android | 2022-12-20 | N/A | 6.7 MEDIUM |
| In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243798789References: N/A | |||||
| CVE-2022-20558 | 1 Google | 1 Android | 2022-12-20 | N/A | 3.3 LOW |
| In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-236264289 | |||||
| CVE-2022-20559 | 1 Google | 1 Android | 2022-12-20 | N/A | 3.3 LOW |
| In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-219739967 | |||||
| CVE-2022-20570 | 1 Google | 1 Android | 2022-12-20 | N/A | 5.5 MEDIUM |
| Product: AndroidVersions: Android kernelAndroid ID: A-230660904References: N/A | |||||
| CVE-2022-20566 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.8 HIGH |
| In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-165329981References: Upstream kernel | |||||
| CVE-2022-20563 | 1 Google | 1 Android | 2022-12-20 | N/A | 6.7 MEDIUM |
| In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242067561References: N/A | |||||
| CVE-2022-20561 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.8 HIGH |
| In TBD of aud_hal_tunnel.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222162870References: N/A | |||||
| CVE-2022-20568 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.8 HIGH |
| In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220738351References: Upstream kernel | |||||
| CVE-2022-20512 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.8 HIGH |
| In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238602879 | |||||
| CVE-2022-20560 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.5 HIGH |
| Product: AndroidVersions: Android kernelAndroid ID: A-212623833References: N/A | |||||
| CVE-2016-0996 | 6 Adobe, Apple, Google and 3 more | 15 Air, Air Desktop Runtime, Air Sdk and 12 more | 2022-12-20 | 9.3 HIGH | 8.8 HIGH |
| Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000. | |||||
| CVE-2022-20550 | 1 Google | 1 Android | 2022-12-20 | N/A | 7.8 HIGH |
| In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242845514 | |||||
| CVE-2022-20554 | 1 Google | 1 Android | 2022-12-20 | N/A | 6.7 MEDIUM |
| In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-245770596 | |||||
| CVE-2022-20549 | 1 Google | 1 Android | 2022-12-20 | N/A | 6.7 MEDIUM |
| In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242702451 | |||||
| CVE-2022-20557 | 1 Google | 1 Android | 2022-12-20 | N/A | 6.7 MEDIUM |
| In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-247092734 | |||||
| CVE-2022-20556 | 1 Google | 1 Android | 2022-12-20 | N/A | 3.3 LOW |
| In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246301667 | |||||