VYPR

Android

by Google

CVEs (4,120)

  • CVE-2022-20490HigJan 26, 2023
    risk 0.51cvss 7.8epss 0.00

    In multiple functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-42544HigDec 16, 2022
    risk 0.51cvss 7.8epss 0.00

    In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20550HigDec 16, 2022
    risk 0.51cvss 7.8epss 0.00

    In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20548HigDec 16, 2022
    risk 0.51cvss 7.8epss 0.00

    In setParameter of EqualizerEffect.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20547HigDec 16, 2022
    risk 0.51cvss 7.8epss 0.00

    In multiple functions of AdapterService.java, there is a possible way to manipulate Bluetooth state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20507HigDec 16, 2022
    risk 0.51cvss 7.8epss 0.00

    In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20495HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…

  • CVE-2022-20491HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20488HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20487HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20486HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20484HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20480HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20479HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20478HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20477HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In shouldHideNotification of KeyguardNotificationVisibilityProvider.kt, there is a possible way to show hidden notifications due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…

  • CVE-2022-20475HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets allowTaskReparenting="true" due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20474HigDec 13, 2022
    risk 0.51cvss 7.8epss 0.00

    In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20452HigNov 8, 2022
    risk 0.51cvss 7.8epss 0.00

    In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20451HigNov 8, 2022
    risk 0.51cvss 7.8epss 0.00

    In onCallRedirectionComplete of CallsManager.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

Page 36 of 206