Skip to main content

Android

7243 CVEs product

Monthly

CVE-2022-42542 MEDIUM PATCH This Month

In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42535 MEDIUM PATCH This Month

In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure SQLi Google Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-42534 HIGH This Week

In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-42532 MEDIUM This Month

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42531 HIGH This Week

In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive Memory Allocation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Denial Of Service Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-42530 MEDIUM This Month

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42529 CRITICAL Act Now

Product: AndroidVersions: Android kernelAndroid ID: A-235292841References: N/A. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Android
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-42527 HIGH This Week

In cd_SsParseMsg of cd_SsCodec.c, there is a possible crash due to a missing null check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Google Denial Of Service Android
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-42526 MEDIUM This Month

In ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42525 MEDIUM This Month

In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42524 HIGH This Week

In sms_GetTpUdlIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-42523 MEDIUM This Month

In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42522 MEDIUM This Month

In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42521 MEDIUM This Month

In encode of wlandata.cpp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42520 MEDIUM This Month

In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Google Use After Free Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42519 MEDIUM This Month

In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42518 MEDIUM This Month

In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42517 MEDIUM This Month

In MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42516 MEDIUM This Month

In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42515 MEDIUM This Month

In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42514 MEDIUM This Month

In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42513 MEDIUM This Month

In ProtocolEmbmsBuilder::BuildSetSession of protocolembmsbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42512 MEDIUM This Month

In VsimOperationDataExt::encode of vsimdata.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-42511 MEDIUM This Month

In EmbmsSessionData::encode of embmsdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42510 MEDIUM This Month

In StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42509 MEDIUM This Month

In CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42508 MEDIUM This Month

In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42507 MEDIUM This Month

In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42506 MEDIUM This Month

In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42505 MEDIUM This Month

In ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42504 MEDIUM This Month

In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42503 MEDIUM This Month

In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42502 MEDIUM This Month

In FacilityLock::Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-42501 MEDIUM This Month

In HexString2Value of util.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20610 HIGH This Week

In cellular modem firmware, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure RCE Google Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-20609 MEDIUM This Month

In Pixel cellular firmware, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20608 MEDIUM This Month

In Pixel cellular firmware, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-20607 HIGH This Week

In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption RCE Google Buffer Overflow Android
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-20606 MEDIUM This Month

In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2022-20605 HIGH This Week

In SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible out of bounds read due to an incorrect bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-20604 MEDIUM This Month

In SAECOMM_SetDcnIdForPlmn of SAECOMM_DbManagement.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-20603 HIGH This Week

In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption RCE Google Buffer Overflow Android
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-20602 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-211081867References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Android
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-20601 HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-204541506References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Android
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-20600 HIGH This Week

In TBD of TBD, there is a possible out of bounds write due to memory corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20599 MEDIUM This Month

In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20598 HIGH This Week

In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20597 HIGH This Week

In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20596 MEDIUM This Month

In sendChunk of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20595 MEDIUM This Month

In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-20594 MEDIUM This Month

In updateStart of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20593 MEDIUM This Month

In pop_descriptor_string of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-20592 MEDIUM This Month

In ppmp_validate_secbuf of drm_fw.c, there is a possible information disclosure due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-20591 MEDIUM This Month

In ppmpu_set of ppmpu.c, there is a possible information disclosure due to a logic error in the code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-20590 MEDIUM This Month

In valid_va_sec_mfc_check of drm_access_control.c, there is a possible information disclosure due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-20589 MEDIUM This Month

In valid_va_secbuf_check of drm_access_control.c, there is a possible ID due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2022-20588 MEDIUM This Month

In sysmmu_map of sysmmu.c, there is a possible EoP due to a precondition check failure. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20587 HIGH This Week

In ppmp_validate_wsm of drm_fw.c, there is a possible EoP due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20586 HIGH This Week

In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20585 HIGH This Week

In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20584 HIGH This Week

In page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20583 MEDIUM This Month

In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2022-20582 HIGH This Week

In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20581 MEDIUM This Month

In the Pixel camera driver, there is a possible use after free due to a logic error in the code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Google Use After Free Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20580 MEDIUM This Month

In ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20579 MEDIUM This Month

In RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20578 MEDIUM This Month

In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20577 MEDIUM This Month

In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20576 MEDIUM This Month

In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20575 MEDIUM This Month

In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-20574 MEDIUM This Month

In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-20572 MEDIUM PATCH This Month

In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2022-20571 MEDIUM PATCH This Month

In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Google Use After Free Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20570 MEDIUM This Month

Product: AndroidVersions: Android kernelAndroid ID: A-230660904References: N/A. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-20569 MEDIUM This Month

In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20568 HIGH PATCH This Week

In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Google Use After Free Memory Corruption +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20567 MEDIUM PATCH This Month

In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4).

Race Condition Google Privilege Escalation Denial Of Service Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2022-20566 HIGH PATCH This Week

In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Google Use After Free Memory Corruption +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20564 MEDIUM PATCH This Month

In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20563 MEDIUM PATCH This Month

In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20562 LOW PATCH Monitor

In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2022-20561 HIGH This Week

In TBD of aud_hal_tunnel.c, there is a possible memory corruption due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Google Buffer Overflow Use After Free +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20560 HIGH PATCH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-212623833References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Google Buffer Overflow Android
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-20559 LOW PATCH Monitor

In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20558 LOW PATCH Monitor

In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2022-20557 MEDIUM PATCH This Month

In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20556 LOW PATCH Monitor

In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2022-20555 MEDIUM PATCH This Month

In ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Buffer Overflow Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-20554 MEDIUM PATCH This Month

In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Google Use After Free Memory Corruption +1
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-20553 MEDIUM PATCH This Month

In onCreate of LogAccessDialogActivity.java, there is a possible way to bypass a permission check due to a tapjacking/overlay attack. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Google Privilege Escalation XSS Android
NVD
CVSS 3.1
6.5
EPSS
0.1%
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure SQLi Google +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive Memory Allocation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Denial Of Service +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Product: AndroidVersions: Android kernelAndroid ID: A-235292841References: N/A. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Android
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In cd_SsParseMsg of cd_SsCodec.c, there is a possible crash due to a missing null check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Google Denial Of Service +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In sms_GetTpUdlIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In encode of wlandata.cpp, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Google +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ProtocolEmbmsBuilder::BuildSetSession of protocolembmsbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In VsimOperationDataExt::encode of vsimdata.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In EmbmsSessionData::encode of embmsdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In FacilityLock::Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In HexString2Value of util.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In cellular modem firmware, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure RCE Google +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In Pixel cellular firmware, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In Pixel cellular firmware, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption RCE Google +2
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

In SAEMM_MiningCodecTableWithMsgIE of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In SAECOMM_CopyBufferBytes of SAECOMM_Utility.c, there is a possible out of bounds read due to an incorrect bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In SAECOMM_SetDcnIdForPlmn of SAECOMM_DbManagement.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

In SetDecompContextDb of RohcDeCompContextOfRbId.cpp, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption RCE Google +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-211081867References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Android
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-204541506References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In TBD of TBD, there is a possible out of bounds write due to memory corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Google Privilege Escalation +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In ppmpu_set of ppmpu.c, there is a possible EoP due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Google Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In sendChunk of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In updateStart of WirelessCharger.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In pop_descriptor_string of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In ppmp_validate_secbuf of drm_fw.c, there is a possible information disclosure due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In ppmpu_set of ppmpu.c, there is a possible information disclosure due to a logic error in the code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In valid_va_sec_mfc_check of drm_access_control.c, there is a possible information disclosure due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In valid_va_secbuf_check of drm_access_control.c, there is a possible ID due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Android
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In sysmmu_map of sysmmu.c, there is a possible EoP due to a precondition check failure. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In ppmp_validate_wsm of drm_fw.c, there is a possible EoP due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In valid_out_of_special_sec_dram_addr of drm_access_control.c, there is a possible EoP due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In page_number of shared_mem.c, there is a possible code execution in secure world due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Google Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In ppmp_unprotect_mfcfw_buf of drm_fw.c, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In the Pixel camera driver, there is a possible use after free due to a logic error in the code. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Google +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In ufdt_do_one_fixup of ufdt_overlay.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In RadioImpl::setCdmaBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In RadioImpl::setGsmBroadcastConfig of ril_service_legacy.cpp, there is a possible stack clash leading to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In OemSimAuthRequest::encode of wlandata.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In externalOnRequest of rilapplication.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In extract_metadata of dm-android-verity.c, there is a possible way to corrupt kernel memory due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Google +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Product: AndroidVersions: Android kernelAndroid ID: A-230660904References: N/A. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Android
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Google +3
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. Rated medium severity (CVSS 6.4).

Race Condition Google Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Google +3
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Google Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Privilege Escalation +2
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In TBD of aud_hal_tunnel.c, there is a possible memory corruption due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Google +4
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Product: AndroidVersions: Android kernelAndroid ID: A-212623833References: N/A. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Google Buffer Overflow Android
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Google Android
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Google Privilege Escalation +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Privilege Escalation +2
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Google Privilege Escalation +1
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

In ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Google Buffer Overflow +1
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Google +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

In onCreate of LogAccessDialogActivity.java, there is a possible way to bypass a permission check due to a tapjacking/overlay attack. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Google Privilege Escalation XSS +1
NVD
Prev Page 31 of 81 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy