Vendor CVEs
All CVEs
11,416 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-20445 | Hig | 0.49 | 7.5 | 0.00 | Nov 8, 2022 | In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2022-41986 | Hig | 0.49 | 7.5 | 0.01 | Oct 24, 2022 | Information disclosure vulnerability in Android App 'IIJ SmartKey' versions prior to 2.1.4 allows an attacker to obtain a one-time password issued by the product under certain conditions. | ||
| CVE-2022-20418 | Hig | 0.49 | 7.5 | 0.00 | Oct 11, 2022 | In pickStartSeq of AAVCAssembler.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2022-20410 | Hig | 0.49 | 7.5 | 0.01 | Oct 11, 2022 | In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2021-0947 | Hig | 0.49 | 7.5 | 0.00 | Aug 24, 2022 | The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLServerDiscoverStreamsKM may fail for several reasons including invalid sizes. If… | ||
| CVE-2021-0946 | Hig | 0.49 | 7.5 | 0.00 | Aug 24, 2022 | The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. The method PMR_PDumpSymbolicAddr may fail, and if it does the buffer will be left… | ||
| CVE-2021-0891 | Hig | 0.49 | 7.5 | 0.00 | Aug 24, 2022 | An unprivileged app can trigger PowerVR driver to return an uninitialized heap memory causing information disclosure.Product: AndroidVersions: Android SoCAndroid ID: A-236849490 | ||
| CVE-2022-20308 | Hig | 0.49 | 7.5 | 0.01 | Aug 12, 2022 | In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2022-20302 | Hig | 0.49 | 7.6 | 0.00 | Aug 12, 2022 | In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed… | ||
| CVE-2022-20408 | Hig | 0.49 | 7.5 | 0.00 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-204782372References: N/A | ||
| CVE-2022-20407 | Hig | 0.49 | 7.5 | 0.00 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-210916981References: N/A | ||
| CVE-2022-20406 | Hig | 0.49 | 7.5 | 0.00 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-184676385References: N/A | ||
| CVE-2022-20404 | Hig | 0.49 | 7.5 | 0.00 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-205714161References: N/A | ||
| CVE-2022-20401 | Hig | 0.49 | 7.5 | 0.00 | Aug 11, 2022 | In SAEMM_RetrievEPLMNList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post-authentication with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2022-20380 | Hig | 0.49 | 7.5 | 0.00 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-212625740References: N/A | ||
| CVE-2022-20375 | Hig | 0.49 | 7.5 | 0.01 | Aug 11, 2022 | In LteRrcNrProAsnDecode of LteRrcNr_Codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2022-20370 | Hig | 0.49 | 7.5 | 0.00 | Aug 11, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-215730643References: N/A | ||
| CVE-2022-20247 | Hig | 0.49 | 7.5 | 0.00 | Aug 11, 2022 | In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:… | ||
| CVE-2022-20244 | Hig | 0.49 | 7.5 | 0.00 | Aug 11, 2022 | In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2022-1487 | Hig | 0.49 | 7.5 | 0.01 | Jul 26, 2022 | Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test. | ||
| CVE-2022-1485 | Hig | 0.49 | 7.5 | 0.01 | Jul 26, 2022 | Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1145 | Hig | 0.49 | 7.5 | 0.01 | Jul 23, 2022 | Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction. | ||
| CVE-2022-20236 | Hig | 0.49 | 7.5 | 0.00 | Jul 13, 2022 | A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709 | ||
| CVE-2022-20234 | Hig | 0.49 | 7.5 | 0.00 | Jul 13, 2022 | In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both 'mComponentName' and 'pkgTitle' from user.An unprivileged app can use a malicous mComponentName with a benign pkgTitle (e.g. Settings app) to make… | ||
| CVE-2022-20224 | Hig | 0.49 | 7.5 | 0.01 | Jul 13, 2022 | In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2022-20190 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A | ||
| CVE-2022-20188 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A | ||
| CVE-2022-20184 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A | ||
| CVE-2022-20181 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-210936609References: N/A | ||
| CVE-2022-20179 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A | ||
| CVE-2022-20177 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-209906686References: N/A | ||
| CVE-2022-20175 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-209252491References: N/A | ||
| CVE-2022-20169 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A | ||
| CVE-2022-20168 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A | ||
| CVE-2022-20151 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A | ||
| CVE-2022-20149 | Hig | 0.49 | 7.5 | 0.00 | Jun 15, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A | ||
| CVE-2022-20131 | Hig | 0.49 | 7.5 | 0.01 | Jun 15, 2022 | In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2022-20123 | Hig | 0.49 | 7.5 | 0.01 | Jun 15, 2022 | In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2021-39809 | Hig | 0.49 | 7.5 | 0.01 | Apr 12, 2022 | In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2021-39762 | Hig | 0.49 | 7.5 | 0.01 | Mar 30, 2022 | In tremolo, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID:… | ||
| CVE-2021-39726 | Hig | 0.49 | 7.5 | 0.01 | Mar 16, 2022 | In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2021-39716 | Hig | 0.49 | 7.5 | 0.00 | Mar 16, 2022 | Product: AndroidVersions: Android kernelAndroid ID: A-206977562References: N/A | ||
| CVE-2021-39677 | Hig | 0.49 | 7.5 | 0.00 | Feb 11, 2022 | In startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size.Product: AndroidVersions: Android-11Android ID: A-205097028 | ||
| CVE-2021-39646 | Hig | 0.49 | 7.5 | 0.00 | Dec 15, 2021 | Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A | ||
| CVE-2021-1045 | Hig | 0.49 | 7.5 | 0.00 | Dec 15, 2021 | Product: AndroidVersions: Android kernelAndroid ID: A-195580473References: N/A | ||
| CVE-2021-1022 | Hig | 0.49 | 7.5 | 0.01 | Dec 15, 2021 | In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2021-0925 | Hig | 0.49 | 7.5 | 0.01 | Dec 15, 2021 | In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure due to a limited change in behavior based on the out of bounds data with no additional execution privileges needed.… | ||
| CVE-2021-37991 | Hig | 0.49 | 7.5 | 0.01 | Nov 2, 2021 | Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-30603 | Hig | 0.49 | 7.5 | 0.04 | Aug 26, 2021 | Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2021-0555 | Hig | 0.49 | 7.5 | 0.01 | Jun 22, 2021 | In RenderStruct of protostream_objectsource.cc, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… |
- risk 0.49cvss 7.5epss 0.00
In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.49cvss 7.5epss 0.01
Information disclosure vulnerability in Android App 'IIJ SmartKey' versions prior to 2.1.4 allows an attacker to obtain a one-time password issued by the product under certain conditions.
- risk 0.49cvss 7.5epss 0.00
In pickStartSeq of AAVCAssembler.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.49cvss 7.5epss 0.01
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.49cvss 7.5epss 0.00
The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLServerDiscoverStreamsKM may fail for several reasons including invalid sizes. If…
- risk 0.49cvss 7.5epss 0.00
The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. The method PMR_PDumpSymbolicAddr may fail, and if it does the buffer will be left…
- risk 0.49cvss 7.5epss 0.00
An unprivileged app can trigger PowerVR driver to return an uninitialized heap memory causing information disclosure.Product: AndroidVersions: Android SoCAndroid ID: A-236849490
- risk 0.49cvss 7.5epss 0.01
In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.49cvss 7.6epss 0.00
In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed…
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-204782372References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-210916981References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-184676385References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-205714161References: N/A
- risk 0.49cvss 7.5epss 0.00
In SAEMM_RetrievEPLMNList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post-authentication with no additional execution privileges needed. User interaction is not needed for…
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-212625740References: N/A
- risk 0.49cvss 7.5epss 0.01
In LteRrcNrProAsnDecode of LteRrcNr_Codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-215730643References: N/A
- risk 0.49cvss 7.5epss 0.00
In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:…
- risk 0.49cvss 7.5epss 0.00
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. User interaction is not needed for…
- risk 0.49cvss 7.5epss 0.01
Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test.
- risk 0.49cvss 7.5epss 0.01
Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.49cvss 7.5epss 0.01
Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction.
- risk 0.49cvss 7.5epss 0.00
A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709
- risk 0.49cvss 7.5epss 0.00
In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both 'mComponentName' and 'pkgTitle' from user.An unprivileged app can use a malicous mComponentName with a benign pkgTitle (e.g. Settings app) to make…
- risk 0.49cvss 7.5epss 0.01
In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for…
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-210936609References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-209906686References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-209252491References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A
- risk 0.49cvss 7.5epss 0.01
In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.49cvss 7.5epss 0.01
In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.49cvss 7.5epss 0.01
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.49cvss 7.5epss 0.01
In tremolo, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID:…
- risk 0.49cvss 7.5epss 0.01
In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-206977562References: N/A
- risk 0.49cvss 7.5epss 0.00
In startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size.Product: AndroidVersions: Android-11Android ID: A-205097028
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A
- risk 0.49cvss 7.5epss 0.00
Product: AndroidVersions: Android kernelAndroid ID: A-195580473References: N/A
- risk 0.49cvss 7.5epss 0.01
In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.49cvss 7.5epss 0.01
In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure due to a limited change in behavior based on the out of bounds data with no additional execution privileges needed.…
- risk 0.49cvss 7.5epss 0.01
Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.49cvss 7.5epss 0.04
Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.49cvss 7.5epss 0.01
In RenderStruct of protostream_objectsource.cc, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
Page 99 of 229