CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-42544 20 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224545390
2 CVE-2022-42543 125 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-249998113References: N/A
3 CVE-2022-42542 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231445184
4 CVE-2022-42535 89 Sql 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In a query in MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224770183
5 CVE-2022-42534 20 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237838301References: N/A
6 CVE-2022-42533 190 Overflow 2022-11-17 2022-11-22
0.0
None ??? ??? ??? ??? ??? ???
In shared_metadata_init of SharedMetadata.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239415718References: N/A
7 CVE-2022-42532 125 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332610References: N/A
8 CVE-2022-42531 770 Bypass 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In mmu_map_for_fw of gs_ldfw_load.c, there is a possible mitigation bypass due to Permissive Memory Allocation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-231500967References: N/A
9 CVE-2022-42530 125 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242331893References: N/A
10 CVE-2022-42529 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
Product: AndroidVersions: Android kernelAndroid ID: A-235292841References: N/A
11 CVE-2022-42527 DoS Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In cd_SsParseMsg of cd_SsCodec.c, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-244448906References: N/A
12 CVE-2022-42526 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509880References: N/A
13 CVE-2022-42525 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509750References: N/A
14 CVE-2022-42524 125 Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In sms_GetTpUdlIe of sms_PduCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243401445References: N/A
15 CVE-2022-42523 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243376893References: N/A
16 CVE-2022-42522 125 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130038References: N/A
17 CVE-2022-42521 787 Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In encode of wlandata.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130019References: N/A
18 CVE-2022-42520 416 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In ServiceInterface::HandleRequest of serviceinterface.cpp, there is a possible use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242994270References: N/A
19 CVE-2022-42519 787 Exec Code Mem. Corr. 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In CdmaBroadcastSmsConfigsRequestData::encode of cdmasmsdata.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242540694References: N/A
20 CVE-2022-42518 787 Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242536278References: N/A
21 CVE-2022-42517 125 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In MiscService::DoOemSetTcsFci of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763682References: N/A
22 CVE-2022-42516 125 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763577References: N/A
23 CVE-2022-42515 125 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763503References: N/A
24 CVE-2022-42514 125 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763298References: N/A
25 CVE-2022-42513 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In ProtocolEmbmsBuilder::BuildSetSession of protocolembmsbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763204References: N/A
26 CVE-2022-42512 125 Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In VsimOperationDataExt::encode of vsimdata.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763050References: N/A
27 CVE-2022-42511 787 Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In EmbmsSessionData::encode of embmsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762712References: N/A
28 CVE-2022-42510 125 Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762656References: N/A
29 CVE-2022-42509 787 Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241544307References: N/A
30 CVE-2022-42508 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388966References: N/A
31 CVE-2022-42507 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In ProtocolSimBuilder::BuildSimUpdatePb3gEntry of protocolsimbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388774References: N/A
32 CVE-2022-42506 787 Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In SimUpdatePbEntry::encode of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388399References: N/A
33 CVE-2022-42505 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In ProtocolMiscBuilder::BuildSetSignalReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241232492References: N/A
34 CVE-2022-42504 787 Exec Code 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In CallDialReqData::encodeCallNumber of callreqdata.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241232209References: N/A
35 CVE-2022-42503 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231983References: N/A
36 CVE-2022-42502 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In FacilityLock::Parse of simdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231970References: N/A
37 CVE-2022-42501 787 2022-12-16 2022-12-21
0.0
None ??? ??? ??? ??? ??? ???
In HexString2Value of util.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241231403References: N/A
38 CVE-2022-39914 863 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information.
39 CVE-2022-39913 863 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information.
40 CVE-2022-39912 755 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder.
41 CVE-2022-39908 367 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.
42 CVE-2022-39907 190 Overflow 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.
43 CVE-2022-39906 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.
44 CVE-2022-39905 2022-12-08 2022-12-10
0.0
None ??? ??? ??? ??? ??? ???
Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.
45 CVE-2022-39904 200 +Info 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log.
46 CVE-2022-39903 863 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number.
47 CVE-2022-39900 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.
48 CVE-2022-39899 287 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.
49 CVE-2022-39898 2022-12-08 2022-12-12
0.0
None ??? ??? ??? ??? ??? ???
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.
50 CVE-2022-39897 532 2022-12-08 2022-12-09
0.0
None ??? ??? ??? ??? ??? ???
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.
Total number of vulnerabilities : 4902   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.