Android
Monthly
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing permission check, This could lead to local information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In windows manager service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In UscAIEngine service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In camera driver, there is a possible memory corruption due to improper locking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.7). No vendor patch available.
In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.7). No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing permission check, This could lead to local information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In sensor driver, there is a possible buffer overflow due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In npu driver, there is a memory corruption due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In audio driver, there is a use after free due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In camera driver, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In camera driver, there is a possible memory corruption due to improper locking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In face detect driver, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In face detect driver, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In sensor driver, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In ccci, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In Wi-Fi, there is a possible memory access violation due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In Wi-Fi, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In Wi-Fi, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In isp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In isp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In display, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In display, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gz, there is a possible memory corruption due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In isp, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In mpu, there is a possible memory corruption due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In widevine, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In widevine, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In widevine, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In widevine, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In shared_metadata_init of SharedMetadata.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In (TBD) mprot_unmap? of (TBD), there is a possible way to corrupt the memory mapping due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In (TBD) of (TBD), there is a possible way to redirect code execution due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In (TBD) of (TBD), there is a possible way to corrupt memory due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In dismiss and related functions of KeyguardHostViewController.java and related files, there is a possible lockscreen bypass due to a logic error in the code. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In getMountModeInternal of StorageManagerService.java, there is a possible prevention of package installation due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing permission check, This could lead to local information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In windows manager service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In UscAIEngine service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In camera driver, there is a possible memory corruption due to improper locking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.7). No vendor patch available.
In wlan driver, there is a race condition, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.7). No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing permission check, This could lead to local information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In sensor driver, there is a possible buffer overflow due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In npu driver, there is a memory corruption due to a use after free. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In audio driver, there is a use after free due to a race condition. Rated medium severity (CVSS 4.7). No vendor patch available.
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In camera driver, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In camera driver, there is a possible memory corruption due to improper locking. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In face detect driver, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In face detect driver, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In sensor driver, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In power management service, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In ccci, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In Wi-Fi, there is a possible memory access violation due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In Wi-Fi, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In Wi-Fi, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In isp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In isp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In display, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In display, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In gz, there is a possible memory corruption due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In isp, there is a possible out of bounds write due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.
In mpu, there is a possible memory corruption due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In widevine, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In widevine, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In widevine, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In widevine, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In shared_metadata_init of SharedMetadata.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In (TBD) mprot_unmap? of (TBD), there is a possible way to corrupt the memory mapping due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In (TBD) of (TBD), there is a possible way to redirect code execution due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
In (TBD) of (TBD), there is a possible way to corrupt memory due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper input validation vulnerability in DualOutFocusViewer prior to SMR Nov-2022 Release 1 allows local attacker to perform an arbitrary code execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
In dismiss and related functions of KeyguardHostViewController.java and related files, there is a possible lockscreen bypass due to a logic error in the code. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In getMountModeInternal of StorageManagerService.java, there is a possible prevention of package installation due to improper input validation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.