Skip to main content
CVE-2022-20312 MEDIUM This Month

In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20304 MEDIUM This Month

In Content, there is a possible way to determinate the user's account due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20303 MEDIUM This Month

In ContentService, there is a possible way to determine if an account is on the device without GET_ACCOUNTS permission due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20301 MEDIUM This Month

In Content, there is a possible way to check if an account exists on the device due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20300 MEDIUM This Month

In Content, there is a possible way to check if the given account exists on the device due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20299 MEDIUM This Month

In ContentService, there is a possible way to check if the given account exists on the device due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20298 MEDIUM This Month

In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20296 MEDIUM This Month

In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20295 MEDIUM This Month

In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20294 MEDIUM This Month

In Content, there is a possible way to learn about an account present on the device due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20293 MEDIUM This Month

In LauncherApps, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20291 MEDIUM This Month

In AppOpsService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20290 MEDIUM This Month

In Midi, there is a possible way to learn about private midi devices due to a permissions bypass. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20289 MEDIUM This Month

In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20288 MEDIUM This Month

In AppSearchManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20287 MEDIUM This Month

In AppSearchManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20285 MEDIUM This Month

In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20284 MEDIUM This Month

In Telephony, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20279 MEDIUM This Month

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20278 MEDIUM This Month

In Accounts, there is a possible way to write sensitive information to the system log due to insufficient log filtering. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20277 MEDIUM This Month

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20276 MEDIUM This Month

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20275 MEDIUM This Month

In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20272 MEDIUM This Month

In PermissionController, there is a possible misunderstanding about the default SMS application's permission set due to misleading text. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Privilege Escalation Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20270 MEDIUM This Month

In Content, there is a possible way to learn gmail account name on the device due to a permissions bypass. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20263 MEDIUM This Month

In ActivityManager, there is a way to read process state for other users due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20260 MEDIUM This Month

In the Phone app, there is a possible crash loop due to resource exhaustion. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20259 MEDIUM This Month

In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-35932 MEDIUM PATCH This Month

Nextcloud Talk is a video and audio conferencing app for Nextcloud. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Talk
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
CVE-2022-20266 MEDIUM This Month

In Companion, there is a possible way to keep a service running with elevated importance without showing foreground service notification due to improper input validation. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2022-20265 MEDIUM This Month

In Settings, there is a possible way to bypass factory reset permissions due to a permissions bypass. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2022-20255 MEDIUM This Month

In SettingsProvider, there is a possible way to read or change the default ringtone due to a missing permission check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Privilege Escalation Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-2619 MEDIUM This Month

Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Code Injection Chrome Fedora
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-2611 MEDIUM This Month

Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome Fedora
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-20330 LOW Monitor

In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user awareness due to a missing permission check. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Privilege Escalation Android
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2022-20342 LOW Monitor

In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20340 LOW Monitor

In SELinux policy, there is a possible way of inferring which websites are being opened in the browser due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20339 LOW Monitor

In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20338 LOW Monitor

In HierarchicalUri.readFrom of Uri.java, there is a possible way to craft a malformed Uri object due to improper input validation. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2022-20336 LOW Monitor

In Settings, there is a possible installed application disclosure due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20335 LOW Monitor

In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been disabled due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20328 LOW Monitor

In PackageManager, there is a possible way to determine whether an app is installed due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20321 LOW Monitor

In Settings, there is a possible way for an application without permissions to read content of WiFi QR codes due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20320 LOW Monitor

In ActivityManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20318 LOW Monitor

In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20316 LOW Monitor

In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20315 LOW Monitor

In ActivityManager, there is a possible disclosure of installed packages due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20311 LOW Monitor

In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20310 LOW Monitor

In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20309 LOW Monitor

In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy