Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (35583 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-20260 1 Google 1 Android 2024-11-21 5.5 Medium
In the Phone app, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-220865698
CVE-2022-20258 1 Google 1 Android 2024-11-21 7.8 High
In Bluetooth, there is a possible way to bypass compiler exploit mitigations due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-221893030
CVE-2022-20257 1 Google 1 Android 2024-11-21 3.3 Low
In Bluetooth, there is a possible way to pair a display only device without PIN confirmation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222289114
CVE-2022-20254 1 Google 1 Android 2024-11-21 8.8 High
In Wi-Fi, there is a permissions bypass. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-223377547
CVE-2022-20248 1 Google 1 Android 2024-11-21 7.8 High
In Settings, there is a possible way to connect to an open network bypassing DISALLOW_CONFIG_WIFI restriction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227619193
CVE-2022-20245 1 Google 1 Android 2024-11-21 2.4 Low
In WindowManager, there is a possible method to create a recording of the lock screen due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-215005011
CVE-2022-20217 1 Google 1 Android 2024-11-21 6.5 Medium
There is a unauthorized broadcast in the SprdContactsProvider. A third-party app could use this issue to delete Fdn contact.Product: AndroidVersions: Android SoCAndroid ID: A-232441378
CVE-2022-20216 1 Google 1 Android 2024-11-21 9.8 Critical
android exported is used to set third-party app access permissions, and the default value of intent-filter is true. com.sprd.firewall has set exported as true.Product: AndroidVersions: Android SoCAndroid ID: A-231911916
CVE-2022-20210 1 Google 1 Android 2024-11-21 9.8 Critical
The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS or RCE.Product: AndroidVersions: Android SoCAndroid ID: A-228868888
CVE-2022-20207 1 Google 1 Android 2024-11-21 7.8 High
In static definitions of GattServiceConfig.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185513714
CVE-2022-20197 1 Google 1 Android 2024-11-21 7.8 High
In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-208279300
CVE-2022-20194 1 Google 1 Android 2024-11-21 7.8 High
In onCreate of ChooseLockGeneric.java, there is a possible permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-222684510
CVE-2022-20193 1 Google 1 Android 2024-11-21 7.3 High
In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212434116
CVE-2022-20192 1 Google 1 Android 2024-11-21 7.8 High
In grantEmbeddedWindowFocus of WindowManagerService.java, there is a possible way to change an input channel for embedded hierarchy due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215912712
CVE-2022-20191 1 Google 1 Android 2024-11-21 9.8 Critical
Product: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A
CVE-2022-20190 1 Google 1 Android 2024-11-21 7.5 High
Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A
CVE-2022-20188 1 Google 1 Android 2024-11-21 7.5 High
Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A
CVE-2022-20184 1 Google 1 Android 2024-11-21 7.5 High
Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A
CVE-2022-20181 1 Google 1 Android 2024-11-21 7.5 High
Product: AndroidVersions: Android kernelAndroid ID: A-210936609References: N/A
CVE-2022-20180 1 Google 1 Android 2024-11-21 7.8 High
In several functions of mali_gralloc_reference.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-212804042References: N/A