Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
8700 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28786 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic. | ||||
| CVE-2022-28785 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic. | ||||
| CVE-2022-28784 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic. | ||||
| CVE-2022-28783 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission. The patch adds proper validation logic for removing package name. | ||||
| CVE-2022-28782 | 1 Google | 1 Android | 2024-11-21 | 4.6 Medium |
| Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability. | ||||
| CVE-2022-28781 | 1 Google | 1 Android | 2024-11-21 | 7.7 High |
| Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. The patch adds proper validation logic to check the caller. | ||||
| CVE-2022-28780 | 1 Google | 1 Android | 2024-11-21 | 5 Medium |
| Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attackers can access location information that set in Weather without permission. The patch adds proper protection to prevent access to location information. | ||||
| CVE-2022-28605 | 3 Apple, Google, Linkplay | 3 Iphone Os, Android, Sound Bar | 2024-11-21 | 9.8 Critical |
| Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows remote attackers to gain admin privilege access in linkplay antifactory | ||||
| CVE-2022-27837 | 2 Google, Samsung | 2 Android, Accessibility | 2024-11-21 | 4.4 Medium |
| A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege. | ||||
| CVE-2022-27836 | 1 Google | 1 Android | 2024-11-21 | 8.4 High |
| Improper access control and path traversal vulnerability in Storage Manager and Storage Manager Service prior to SMR Apr-2022 Release 1 allow local attackers to access arbitrary system files without a proper permission. The patch adds proper validation logic to prevent arbitrary files access. | ||||
| CVE-2022-27835 | 1 Google | 1 Android | 2024-11-21 | 7.6 High |
| Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write. | ||||
| CVE-2022-27834 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 2.9 Low |
| Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions. | ||||
| CVE-2022-27833 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 4.4 Medium |
| Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow. | ||||
| CVE-2022-27832 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file. | ||||
| CVE-2022-27831 | 1 Google | 1 Android | 2024-11-21 | 2.9 Low |
| Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allows attackers to read out of bounds memory. | ||||
| CVE-2022-27830 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27829 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27828 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27827 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27826 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||