Total
35453 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20390 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257002 | |||||
| CVE-2022-20387 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227324 | |||||
| CVE-2022-20386 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227328 | |||||
| CVE-2022-20384 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-211727306References: N/A | |||||
| CVE-2022-20381 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-188935887References: N/A | |||||
| CVE-2022-20380 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
| Product: AndroidVersions: Android kernelAndroid ID: A-212625740References: N/A | |||||
| CVE-2022-20378 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-234657153References: N/A | |||||
| CVE-2022-20377 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
| In TBD of keymaster_ipc.cpp, there is a possible to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222339795References: N/A | |||||
| CVE-2022-20370 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
| Product: AndroidVersions: Android kernelAndroid ID: A-215730643References: N/A | |||||
| CVE-2022-20368 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel | |||||
| CVE-2022-20365 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-229632566References: N/A | |||||
| CVE-2022-20354 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In onDefaultNetworkChanged of Vpn.java, there is a possible way to disable VPN due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-219546241 | |||||
| CVE-2022-20339 | 1 Google | 1 Android | 2024-11-21 | N/A | 3.3 LOW |
| In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration. This could lead to local information disclosure of network topography with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-171572148 | |||||
| CVE-2022-20317 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In SystemUI, there is a possible way to unexpectedly enable the external speaker due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-190199063 | |||||
| CVE-2022-20308 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
| In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-197874458 | |||||
| CVE-2022-20302 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.6 HIGH |
| In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-200746457 | |||||
| CVE-2022-20297 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In Settings, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201561699 | |||||
| CVE-2022-20292 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In Settings, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-202975040 | |||||
| CVE-2022-20290 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In Midi, there is a possible way to learn about private midi devices due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-203549963 | |||||
| CVE-2022-20286 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In Connectivity, there is a possible bypass the restriction of starting activity from background due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230866011 | |||||