| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-30713 |
20 |
|
|
2022-06-07 |
2022-06-11 |
9.4 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
None |
|
Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities. |
|
2 |
CVE-2022-30711 |
20 |
|
|
2022-06-07 |
2022-06-11 |
9.4 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
None |
|
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities. |
|
3 |
CVE-2022-30710 |
20 |
|
|
2022-06-07 |
2022-06-11 |
9.4 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
None |
|
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities. |
|
4 |
CVE-2022-27835 |
119 |
|
Overflow |
2022-04-11 |
2022-04-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write. |
|
5 |
CVE-2022-27572 |
787 |
|
Exec Code Overflow |
2022-04-11 |
2022-04-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers. |
|
6 |
CVE-2022-27571 |
787 |
|
Exec Code Overflow |
2022-04-11 |
2022-04-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow vulnerability in sheifd_get_info_image function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. |
|
7 |
CVE-2022-27570 |
787 |
|
Exec Code Overflow |
2022-04-11 |
2022-04-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow vulnerability in parser_single_iref function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. |
|
8 |
CVE-2022-27569 |
787 |
|
Exec Code Overflow |
2022-04-11 |
2022-04-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. |
|
9 |
CVE-2022-27568 |
787 |
|
Exec Code Overflow |
2022-04-11 |
2022-04-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. |
|
10 |
CVE-2022-26098 |
787 |
|
Exec Code Overflow |
2022-04-11 |
2022-04-18 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers. |
|
11 |
CVE-2022-20238 |
119 |
|
Overflow |
2022-07-13 |
2022-07-26 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233154555 |
|
12 |
CVE-2022-20229 |
787 |
|
Exec Code |
2022-07-13 |
2022-07-26 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184 |
|
13 |
CVE-2022-20222 |
787 |
|
Exec Code |
2022-07-13 |
2022-07-25 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-228078096 |
|
14 |
CVE-2022-20216 |
|
|
|
2022-07-13 |
2022-07-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
android exported is used to set third-party app access permissions, and the default value of intent-filter is true. com.sprd.firewall has set exported as true.Product: AndroidVersions: Android SoCAndroid ID: A-231911916 |
|
15 |
CVE-2022-20210 |
|
|
|
2022-06-15 |
2022-06-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS or RCE.Product: AndroidVersions: Android SoCAndroid ID: A-228868888 |
|
16 |
CVE-2022-20191 |
|
|
|
2022-06-15 |
2022-06-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A |
|
17 |
CVE-2022-20173 |
|
|
|
2022-06-15 |
2022-06-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-207116951References: N/A |
|
18 |
CVE-2022-20171 |
|
|
|
2022-06-15 |
2022-06-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-215565667References: N/A |
|
19 |
CVE-2022-20170 |
|
|
|
2022-06-15 |
2022-06-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-209421931References: N/A |
|
20 |
CVE-2022-20167 |
|
|
|
2022-06-15 |
2022-06-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-204956204References: N/A |
|
21 |
CVE-2022-20164 |
|
|
|
2022-06-15 |
2022-06-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-204891956References: N/A |
|
22 |
CVE-2022-20160 |
|
|
|
2022-06-15 |
2022-06-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-210083655References: N/A |
|
23 |
CVE-2022-20145 |
|
|
|
2022-06-15 |
2022-06-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-201660636 |
|
24 |
CVE-2022-20140 |
787 |
|
|
2022-06-15 |
2022-06-24 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-227618988 |
|
25 |
CVE-2022-20130 |
787 |
|
Exec Code Overflow |
2022-06-15 |
2022-06-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224314979 |
|
26 |
CVE-2022-20127 |
787 |
|
Exec Code |
2022-06-15 |
2022-06-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221862119 |
|
27 |
CVE-2022-20120 |
|
|
|
2022-05-10 |
2022-05-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A |
|
28 |
CVE-2021-39787 |
610 |
|
|
2022-03-30 |
2022-04-05 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202506934 |
|
29 |
CVE-2021-39737 |
|
|
|
2022-03-16 |
2022-03-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-208229524References: N/A |
|
30 |
CVE-2021-39723 |
|
|
|
2022-03-16 |
2022-03-22 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-209014813References: N/A |
|
31 |
CVE-2021-39720 |
|
|
|
2022-03-16 |
2022-03-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-207433926References: N/A |
|
32 |
CVE-2021-39710 |
|
|
|
2022-03-16 |
2022-03-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-202160245References: N/A |
|
33 |
CVE-2021-39708 |
119 |
|
Overflow |
2022-03-16 |
2022-03-23 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-206128341 |
|
34 |
CVE-2021-39706 |
862 |
|
|
2022-03-16 |
2022-07-12 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials storage due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-200164168 |
|
35 |
CVE-2021-39702 |
1021 |
|
|
2022-03-16 |
2022-03-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-205150380 |
|
36 |
CVE-2021-39701 |
20 |
|
|
2022-03-16 |
2022-03-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In serviceConnection of ControlsProviderLifecycleManager.kt, there is a possible way to keep service running in foreground without notification or permission due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-212286849 |
|
37 |
CVE-2021-39692 |
1021 |
|
Bypass |
2022-03-16 |
2022-03-23 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile bypassing user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-209611539 |
|
38 |
CVE-2021-39675 |
787 |
|
Overflow |
2022-02-11 |
2022-02-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-205729183 |
|
39 |
CVE-2021-39658 |
276 |
|
|
2022-02-11 |
2023-01-25 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service?but it does not check the permissions of the caller?resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product: AndroidVersions: Android SoCAndroid ID: A-207479207 |
|
40 |
CVE-2021-39645 |
|
|
|
2021-12-15 |
2022-07-12 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A |
|
41 |
CVE-2021-39635 |
276 |
|
+Info |
2022-02-11 |
2023-01-25 |
9.4 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
None |
|
ims_ex is a vendor system service used to manage VoLTE in unisoc devices?But it does not verify the caller's permissions?so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634 |
|
42 |
CVE-2021-39623 |
269 |
|
|
2022-01-14 |
2022-01-15 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194105348 |
|
43 |
CVE-2021-39616 |
|
|
|
2022-02-11 |
2022-02-15 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Summary:Product: AndroidVersions: Android SoCAndroid ID: A-204686438 |
|
44 |
CVE-2021-21106 |
416 |
|
|
2021-01-08 |
2021-01-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
|
45 |
CVE-2021-1049 |
|
|
|
2022-01-14 |
2022-01-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Hacker one bug ID: 1343975Product: AndroidVersions: Android SoCAndroid ID: A-204256722 |
|
46 |
CVE-2021-0967 |
787 |
|
Exec Code |
2021-12-15 |
2021-12-17 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-199065614 |
|
47 |
CVE-2021-0956 |
787 |
|
|
2021-12-15 |
2021-12-20 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In NfcTag::discoverTechnologies (activation) of NfcTag.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additionalSystem execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-189942532 |
|
48 |
CVE-2021-0889 |
|
|
Exec Code |
2021-12-15 |
2021-12-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In Android TV , there is a possible silent pairing due to lack of rate limiting in the pairing flow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-8.1 Android-9Android ID: A-180745296 |
|
49 |
CVE-2021-0870 |
362 |
|
Exec Code Mem. Corr. |
2021-10-22 |
2021-11-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-192472262 |
|
50 |
CVE-2021-0592 |
787 |
|
Exec Code |
2021-07-14 |
2021-07-16 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
In various functions in WideVine, there are possible out of bounds writes due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-188061006 |
