VYPR

Android SDK

by Google

CVEs (1,657)

  • CVE-2022-20545HigDec 16, 2022
    risk 0.49cvss 7.5epss 0.01

    In bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20516HigDec 16, 2022
    risk 0.49cvss 7.5epss 0.01

    In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20483HigDec 13, 2022
    risk 0.49cvss 7.5epss 0.01

    In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed…

  • CVE-2022-20445HigNov 8, 2022
    risk 0.49cvss 7.5epss 0.00

    In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20418HigOct 11, 2022
    risk 0.49cvss 7.5epss 0.00

    In pickStartSeq of AAVCAssembler.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20410HigOct 11, 2022
    risk 0.49cvss 7.5epss 0.01

    In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0947HigAug 24, 2022
    risk 0.49cvss 7.5epss 0.00

    The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLServerDiscoverStreamsKM may fail for several reasons including invalid sizes. If…

  • CVE-2021-0946HigAug 24, 2022
    risk 0.49cvss 7.5epss 0.00

    The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. The method PMR_PDumpSymbolicAddr may fail, and if it does the buffer will be left…

  • CVE-2021-0891HigAug 24, 2022
    risk 0.49cvss 7.5epss 0.00

    An unprivileged app can trigger PowerVR driver to return an uninitialized heap memory causing information disclosure.Product: AndroidVersions: Android SoCAndroid ID: A-236849490

  • CVE-2022-20308HigAug 12, 2022
    risk 0.49cvss 7.5epss 0.01

    In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20302HigAug 12, 2022
    risk 0.49cvss 7.6epss 0.00

    In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed…

  • CVE-2022-20406HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-184676385References: N/A

  • CVE-2022-20247HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:…

  • CVE-2022-20244HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20236HigJul 13, 2022
    risk 0.49cvss 7.5epss 0.00

    A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709

  • CVE-2022-20234HigJul 13, 2022
    risk 0.49cvss 7.5epss 0.00

    In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both 'mComponentName' and 'pkgTitle' from user.An unprivileged app can use a malicous mComponentName with a benign pkgTitle (e.g. Settings app) to make…

  • CVE-2022-20224HigJul 13, 2022
    risk 0.49cvss 7.5epss 0.01

    In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20209HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.01

    In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20131HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.01

    In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20123HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.01

    In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

Page 34 of 83