Filtered by vendor Google
Subscribe
Total
12949 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26429 | 2 Google, Mediatek | 42 Android, Mt6580, Mt6735 and 39 more | 2024-11-21 | N/A | 7.8 HIGH |
| In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID: ALPS07025415. | |||||
| CVE-2022-26428 | 2 Google, Mediatek | 12 Android, Mt6739, Mt6761 and 9 more | 2024-11-21 | N/A | 6.4 MEDIUM |
| In video codec, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06521260; Issue ID: ALPS06521260. | |||||
| CVE-2022-26427 | 2 Google, Mediatek | 6 Android, Mt6833, Mt6853 and 3 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540. | |||||
| CVE-2022-26426 | 2 Google, Mediatek | 22 Android, Mt6833, Mt6853 and 19 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486. | |||||
| CVE-2022-26099 | 1 Google | 1 Android | 2024-11-21 | 6.4 MEDIUM | 5.9 MEDIUM |
| Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers. | |||||
| CVE-2022-26098 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 8.1 HIGH |
| Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers. | |||||
| CVE-2022-26097 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 5.9 MEDIUM |
| Null pointer dereference vulnerability in parser_unknown_property function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | |||||
| CVE-2022-26096 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 5.9 MEDIUM |
| Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | |||||
| CVE-2022-26095 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 5.9 MEDIUM |
| Null pointer dereference vulnerability in parser_colr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | |||||
| CVE-2022-26094 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 5.9 MEDIUM |
| Null pointer dereference vulnerability in parser_auxC function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | |||||
| CVE-2022-26093 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 5.9 MEDIUM |
| Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | |||||
| CVE-2022-26092 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.4 HIGH |
| Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows arbitrary code execution. | |||||
| CVE-2022-26091 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 5.7 MEDIUM |
| Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard. | |||||
| CVE-2022-26090 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.3 MEDIUM |
| Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows that attackers can access contact information without permission. | |||||
| CVE-2022-25833 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission. | |||||
| CVE-2022-25832 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 4.0 MEDIUM |
| Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication. | |||||
| CVE-2022-25831 | 1 Google | 1 Android | 2024-11-21 | 1.9 LOW | 2.0 LOW |
| Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions. | |||||
| CVE-2022-25822 | 1 Google | 1 Android | 2024-11-21 | 4.9 MEDIUM | 4.0 MEDIUM |
| An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash. | |||||
| CVE-2022-25821 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 3.6 LOW | 3.3 LOW |
| Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read. | |||||
| CVE-2022-25820 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.2 MEDIUM |
| A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password. | |||||