VYPR

Vendor CVEs

Google

All CVEs

11,416 total · sorted by risk
  • CVE-2022-20564MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20563MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…

  • CVE-2022-20557MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20554MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In removeEventHubDevice of InputDevice.cpp, there is a possible OOB read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android…

  • CVE-2022-20549MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20546MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In getCurrentConfigImpl of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20539MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In parameterToHal of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the audio server with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20514MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed.…

  • CVE-2022-20509MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20505MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitationProduct: AndroidVersions:…

  • CVE-2022-20504MedDec 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In multiple locations of DreamManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and dismissal of system dialogs with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20460MedNov 17, 2022
    risk 0.44cvss 6.7epss 0.00

    In (TBD) mprot_unmap? of (TBD), there is a possible way to corrupt the memory mapping due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20459MedNov 17, 2022
    risk 0.44cvss 6.7epss 0.00

    In (TBD) of (TBD), there is a possible way to redirect code execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2022-20428MedNov 17, 2022
    risk 0.44cvss 6.7epss 0.00

    In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…

  • CVE-2022-20427MedNov 17, 2022
    risk 0.44cvss 6.7epss 0.00

    In (TBD) of (TBD), there is a possible way to corrupt memory due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2022-20454MedNov 8, 2022
    risk 0.44cvss 6.7epss 0.00

    In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11…

  • CVE-2022-20412MedOct 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In fdt_next_tag of fdt.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10…

  • CVE-2022-3048MedSep 26, 2022
    risk 0.44cvss 6.8epss 0.00

    Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.

  • CVE-2022-20231MedSep 14, 2022
    risk 0.44cvss 6.7epss 0.00

    In smc_intc_request_fiq of arm_gic.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20314MedAug 12, 2022
    risk 0.44cvss 6.7epss 0.00

    In KeyChain, there is a possible spoof keychain chooser activity request due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20313MedAug 12, 2022
    risk 0.44cvss 6.8epss 0.00

    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:…

  • CVE-2022-20306MedAug 12, 2022
    risk 0.44cvss 6.7epss 0.00

    In Camera Provider HAL, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:…

  • CVE-2022-20269MedAug 12, 2022
    risk 0.44cvss 6.8epss 0.00

    In Bluetooth, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:…

  • CVE-2022-20382MedAug 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In (TBD) of (TBD), there is a possible out of bounds write due to kernel stack overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…

  • CVE-2022-20379MedAug 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In lwis_buffer_alloc of lwis_buffer.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20377MedAug 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In TBD of keymaster_ipc.cpp, there is a possible to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20376MedAug 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In trusty_log_seq_start of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2022-20372MedAug 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In exynos5_i2c_irq of (TBD), there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…

  • CVE-2022-20369MedAug 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20367MedAug 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In construct_transaction of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20366MedAug 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In ioctl_dpm_clk_update of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20158MedAug 11, 2022
    risk 0.44cvss 6.7epss 0.00

    In bdi_put and bdi_unregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20233MedJun 15, 2022
    risk 0.44cvss 6.7epss 0.00

    In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2022-20201MedJun 15, 2022
    risk 0.44cvss 6.7epss 0.00

    In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20185MedJun 15, 2022
    risk 0.44cvss 6.7epss 0.00

    In TBD of TBD, there is a possible use after free bug. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208842348References: N/A

  • CVE-2022-20183MedJun 15, 2022
    risk 0.44cvss 6.7epss 0.00

    In hypx_create_blob_dmabuf of faceauth_hypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20178MedJun 15, 2022
    risk 0.44cvss 6.7epss 0.00

    In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20166MedJun 15, 2022
    risk 0.44cvss 6.7epss 0.00

    In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20153MedJun 15, 2022
    risk 0.44cvss 6.7epss 0.00

    In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20152MedJun 15, 2022
    risk 0.44cvss 6.7epss 0.00

    In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…

  • CVE-2022-20125MedJun 15, 2022
    risk 0.44cvss 6.8epss 0.00

    In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20009MedMay 10, 2022
    risk 0.44cvss 6.8epss 0.00

    In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-25647HigMay 1, 2022
    risk 0.44cvss 7.7epss 0.12

    The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.

  • CVE-2021-39814MedApr 12, 2022
    risk 0.44cvss 6.7epss 0.00

    In ppmp_validate_wsm of drm_fw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-39786MedMar 30, 2022
    risk 0.44cvss 6.7epss 0.00

    In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-192551247

  • CVE-2021-39736MedMar 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In prepare_io_entry and prepare_response of lwis_ioctl.c and lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39733MedMar 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In amcs_cdev_unlocked_ioctl of audiometrics.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39731MedMar 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39729MedMar 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…

  • CVE-2021-39725MedMar 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In gasket_free_coherent_memory_all of gasket_page_table.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

Page 116 of 229