CVE List - 2022 / August
Showing 801 - 900 of 2306 CVEs for August 2022 (Page 9 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-22289 | 2022-08-11 | RCE through Project Upload from Target |
| CVE-2022-20158 | 2022-08-11 | In bdi_put and bdi_unregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2022-20180 | 2022-08-11 | In several functions of mali_gralloc_reference.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges... |
| CVE-2022-20237 | 2022-08-11 | In BuildDevIDResponse of miscdatabuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges... |
| CVE-2022-20365 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-229632566References: N/A |
| CVE-2022-20366 | 2022-08-11 | In ioctl_dpm_clk_update of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2022-20367 | 2022-08-11 | In construct_transaction of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with System... |
| CVE-2022-20368 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel |
| CVE-2022-20370 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-215730643References: N/A |
| CVE-2022-20371 | 2022-08-11 | In dm_bow_dtr and related functions of dm-bow.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution... |
| CVE-2022-20372 | 2022-08-11 | In exynos5_i2c_irq of (TBD), there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2022-20373 | 2022-08-11 | In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2022-20375 | 2022-08-11 | In LteRrcNrProAsnDecode of LteRrcNr_Codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution... |
| CVE-2022-20376 | 2022-08-11 | In trusty_log_seq_start of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction... |
| CVE-2022-20377 | 2022-08-11 | In TBD of keymaster_ipc.cpp, there is a possible to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This could lead to local escalation of privilege with no... |
| CVE-2022-20378 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-234657153References: N/A |
| CVE-2022-20379 | 2022-08-11 | In lwis_buffer_alloc of lwis_buffer.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2022-20380 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-212625740References: N/A |
| CVE-2022-20381 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-188935887References: N/A |
| CVE-2022-20382 | 2022-08-11 | In (TBD) of (TBD), there is a possible out of bounds write due to kernel stack overflow. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2022-20383 | 2022-08-11 | In AllocateInternalBuffers of g3aa_buffer_allocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20384 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-211727306References: N/A |
| CVE-2022-20400 | 2022-08-11 | In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges... |
| CVE-2022-20401 | 2022-08-11 | In SAEMM_RetrievEPLMNList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post-authentication with no additional execution... |
| CVE-2022-20402 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-218701042References: N/A |
| CVE-2022-20403 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-207975764References: N/A |
| CVE-2022-20404 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-205714161References: N/A |
| CVE-2022-20405 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-216363416References: N/A |
| CVE-2022-20406 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-184676385References: N/A |
| CVE-2022-20407 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-210916981References: N/A |
| CVE-2022-20408 | 2022-08-11 | Product: AndroidVersions: Android kernelAndroid ID: A-204782372References: N/A |
| CVE-2021-0734 | 2022-08-11 | In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2021-0735 | 2022-08-11 | In PackageManager, there is a possible way to get information about installed packages ignoring limitations introduced in Android 11 due to a missing permission check. This could lead to local... |
| CVE-2021-0975 | 2022-08-11 | In USB Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information... |
| CVE-2022-20241 | 2022-08-11 | In Messaging, there is a possible way to attach a private file to an SMS message due to improper input validation. This could lead to local information disclosure with no... |
| CVE-2022-20242 | 2022-08-11 | In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20243 | 2022-08-11 | In Core Utilities, there is a possible log information disclosure. This could lead to local information disclosure of sensitive browsing data with System execution privileges needed. User interaction is not... |
| CVE-2022-20244 | 2022-08-11 | In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices... |
| CVE-2022-20245 | 2022-08-11 | In WindowManager, there is a possible method to create a recording of the lock screen due to an insecure default value. This could lead to local information disclosure with no... |
| CVE-2022-20246 | 2022-08-11 | In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check. This could lead to local escalation of privilege... |
| CVE-2022-20247 | 2022-08-11 | In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User... |
| CVE-2022-20248 | 2022-08-11 | In Settings, there is a possible way to connect to an open network bypassing DISALLOW_CONFIG_WIFI restriction due to a logic error in the code. This could lead to local escalation... |
| CVE-2022-20249 | 2022-08-11 | In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20250 | 2022-08-11 | In Messaging, there is a possible way to attach files to a message without proper access checks due to improper input validation. This could lead to local escalation of privilege... |
| CVE-2022-20251 | 2022-08-11 | In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20252 | 2022-08-11 | In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20253 | 2022-08-11 | In Bluetooth, there is a possible cleanup failure due to an uncaught exception. This could lead to remote denial of service in Bluetooth with no additional execution privileges needed. User... |
| CVE-2022-20254 | 2022-08-11 | In Wi-Fi, there is a permissions bypass. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed... |
| CVE-2022-20255 | 2022-08-11 | In SettingsProvider, there is a possible way to read or change the default ringtone due to a missing permission check. This could lead to local escalation of privilege with no... |
| CVE-2022-20256 | 2022-08-11 | In the Audio HAL, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed.... |
| CVE-2022-20257 | 2022-08-11 | In Bluetooth, there is a possible way to pair a display only device without PIN confirmation due to a logic error in the code. This could lead to local escalation... |
| CVE-2022-20258 | 2022-08-11 | In Bluetooth, there is a possible way to bypass compiler exploit mitigations due to a configuration error. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20259 | 2022-08-11 | In Telephony, there is a possible leak of ICCID and EID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.... |
| CVE-2022-20260 | 2022-08-11 | In the Phone app, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution... |
| CVE-2022-20261 | 2022-08-11 | In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User... |
| CVE-2022-20262 | 2022-08-11 | In ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed.... |
| CVE-2022-20263 | 2022-08-11 | In ActivityManager, there is a way to read process state for other users due to a missing permission check. This could lead to local information disclosure of app usage with... |
| CVE-2022-20265 | 2022-08-11 | In Settings, there is a possible way to bypass factory reset permissions due to a permissions bypass. This could lead to local escalation of privilege with physical access to the... |
| CVE-2022-20266 | 2022-08-11 | In Companion, there is a possible way to keep a service running with elevated importance without showing foreground service notification due to improper input validation. This could lead to local... |
| CVE-2022-20267 | 2022-08-11 | In bluetooth, there is a possible way to enable or disable bluetooth connection without user consent due to a missing permission check. This could lead to local escalation of privilege... |
| CVE-2022-20268 | 2022-08-11 | In RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of... |
| CVE-2022-20269 | 2022-08-11 | In Bluetooth, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2022-20270 | 2022-08-11 | In Content, there is a possible way to learn gmail account name on the device due to a permissions bypass. This could lead to local information disclosure with no additional... |
| CVE-2022-20271 | 2022-08-11 | In PermissionController, there is a possible way to grant some permissions without user consent due to misleading or insufficient UI. This could lead to local escalation of privilege with no... |
| CVE-2022-20272 | 2022-08-11 | In PermissionController, there is a possible misunderstanding about the default SMS application's permission set due to misleading text. This could lead to local information disclosure with User privileges needed. User... |
| CVE-2022-20273 | 2022-08-11 | In Bluetooth, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User... |
| CVE-2022-20274 | 2022-08-11 | In Keyguard, there is a missing permission check. This could lead to local escalation of privilege and prevention of screen timeout with User execution privileges needed. User interaction is not... |
| CVE-2022-20275 | 2022-08-11 | In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20276 | 2022-08-11 | In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20277 | 2022-08-11 | In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20278 | 2022-08-11 | In Accounts, there is a possible way to write sensitive information to the system log due to insufficient log filtering. This could lead to local information disclosure with System execution... |
| CVE-2022-20279 | 2022-08-11 | In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20280 | 2022-08-11 | In MMSProvider, there is a possible read of protected data due to improper input validationSQL injection. This could lead to local information disclosure of sms/mms data with User execution privileges... |
| CVE-2022-20281 | 2022-08-11 | In Core, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with User... |
| CVE-2022-20282 | 2022-08-11 | In AppWidget, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with no... |
| CVE-2022-20283 | 2022-08-11 | In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution over Bluetooth with no additional execution privileges needed.... |
| CVE-2022-20284 | 2022-08-11 | In Telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of phone accounts with User execution privileges needed. User... |
| CVE-2022-20285 | 2022-08-11 | In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20286 | 2022-08-11 | In Connectivity, there is a possible bypass the restriction of starting activity from background due to a logic error in the code. This could lead to local escalation of privilege... |
| CVE-2022-20287 | 2022-08-11 | In AppSearchManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20288 | 2022-08-11 | In AppSearchManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20289 | 2022-08-11 | In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20290 | 2022-08-11 | In Midi, there is a possible way to learn about private midi devices due to a permissions bypass. This could lead to local escalation of privilege with no additional execution... |
| CVE-2022-20291 | 2022-08-11 | In AppOpsService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20292 | 2022-08-11 | In Settings, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no... |
| CVE-2022-20293 | 2022-08-11 | In LauncherApps, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |
| CVE-2022-20294 | 2022-08-11 | In Content, there is a possible way to learn about an account present on the device due to a missing permission check. This could lead to local information disclosure with... |
| CVE-2022-20295 | 2022-08-11 | In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with... |
| CVE-2022-20296 | 2022-08-11 | In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with... |
| CVE-2022-20297 | 2022-08-11 | In Settings, there is a possible way to bypass factory reset protections due to a logic error in the code. This could lead to local escalation of privilege with no... |
| CVE-2022-20298 | 2022-08-11 | In ContentService, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with... |
| CVE-2022-20299 | 2022-08-11 | In ContentService, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure... |
| CVE-2022-20300 | 2022-08-11 | In Content, there is a possible way to check if the given account exists on the device due to a missing permission check. This could lead to local information disclosure... |
| CVE-2022-20301 | 2022-08-11 | In Content, there is a possible way to check if an account exists on the device due to a missing permission check. This could lead to local information disclosure with... |
| CVE-2022-20302 | 2022-08-11 | In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical... |
| CVE-2022-20303 | 2022-08-11 | In ContentService, there is a possible way to determine if an account is on the device without GET_ACCOUNTS permission due to a missing permission check. This could lead to local... |
| CVE-2022-20304 | 2022-08-11 | In Content, there is a possible way to determinate the user's account due to side channel information disclosure. This could lead to local information disclosure with User execution privileges needed.... |
| CVE-2022-20305 | 2022-08-11 | In ContentService, there is a possible disclosure of available account types due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User... |
| CVE-2022-20306 | 2022-08-11 | In Camera Provider HAL, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2022-20307 | 2022-08-11 | In AlarmManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure... |