Skip to main content
CVE-2022-20562 LOW PATCH Monitor

In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2022-20559 LOW PATCH Monitor

In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20558 LOW PATCH Monitor

In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20556 LOW PATCH Monitor

In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2022-20537 LOW PATCH Monitor

In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20536 LOW PATCH Monitor

In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20535 LOW PATCH Monitor

In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20533 LOW PATCH Monitor

In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20528 LOW PATCH Monitor

In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20526 LOW PATCH Monitor

In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20525 LOW Monitor

In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20519 LOW PATCH Monitor

In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-41963 LOW PATCH Monitor

BigBlueButton is an open source web conferencing system. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Information Disclosure Bigbluebutton
NVD GitHub
CVSS 3.1
3.1
EPSS
0.4%
CVE-2022-41962 LOW PATCH Monitor

BigBlueButton is an open source web conferencing system. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Bigbluebutton
NVD GitHub
CVSS 3.1
2.7
EPSS
0.7%
CVE-2022-20529 LOW PATCH Monitor

In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
2.4
EPSS
0.2%
CVE-2022-20543 LOW PATCH Monitor

In multiple locations, there is a possible display crash loop due to improper input validation. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Google Denial Of Service Android
NVD
CVSS 3.1
2.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy