Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
In AOSP Email, there is a possible information disclosure due to a confused deputy. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In the Package Manager service, there is a possible information disclosure due to a confused deputy. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In FingerprintService, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In AudioService, there is a possible trigger of background user audio due to a permissions bypass. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In SyncStatusObserver, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In the Activity Manager service, there is a possible information disclosure due to a confused deputy. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In keyguard, there is a possible escalation of privilege due to improper permission checks. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In the proc filesystem, there is a possible information disclosure due to log information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.