VYPR

Vendor CVEs

Google

All CVEs

11,416 total · sorted by risk
  • CVE-2022-20445HigNov 8, 2022
    risk 0.49cvss 7.5epss 0.00

    In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-41986HigOct 24, 2022
    risk 0.49cvss 7.5epss 0.01

    Information disclosure vulnerability in Android App 'IIJ SmartKey' versions prior to 2.1.4 allows an attacker to obtain a one-time password issued by the product under certain conditions.

  • CVE-2022-20418HigOct 11, 2022
    risk 0.49cvss 7.5epss 0.00

    In pickStartSeq of AAVCAssembler.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20410HigOct 11, 2022
    risk 0.49cvss 7.5epss 0.01

    In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0947HigAug 24, 2022
    risk 0.49cvss 7.5epss 0.00

    The method PVRSRVBridgeTLDiscoverStreams allocates puiStreamsInt on the heap, fills the contents of the buffer via TLServerDiscoverStreamsKM, and then copies the buffer to userspace. The method TLServerDiscoverStreamsKM may fail for several reasons including invalid sizes. If…

  • CVE-2021-0946HigAug 24, 2022
    risk 0.49cvss 7.5epss 0.00

    The method PVRSRVBridgePMRPDumpSymbolicAddr allocates puiMemspaceNameInt on the heap, fills the contents of the buffer via PMR_PDumpSymbolicAddr, and then copies the buffer to userspace. The method PMR_PDumpSymbolicAddr may fail, and if it does the buffer will be left…

  • CVE-2021-0891HigAug 24, 2022
    risk 0.49cvss 7.5epss 0.00

    An unprivileged app can trigger PowerVR driver to return an uninitialized heap memory causing information disclosure.Product: AndroidVersions: Android SoCAndroid ID: A-236849490

  • CVE-2022-20308HigAug 12, 2022
    risk 0.49cvss 7.5epss 0.01

    In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20302HigAug 12, 2022
    risk 0.49cvss 7.6epss 0.00

    In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed…

  • CVE-2022-20408HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-204782372References: N/A

  • CVE-2022-20407HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-210916981References: N/A

  • CVE-2022-20406HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-184676385References: N/A

  • CVE-2022-20404HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-205714161References: N/A

  • CVE-2022-20401HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    In SAEMM_RetrievEPLMNList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post-authentication with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20380HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-212625740References: N/A

  • CVE-2022-20375HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.01

    In LteRrcNrProAsnDecode of LteRrcNr_Codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20370HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-215730643References: N/A

  • CVE-2022-20247HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:…

  • CVE-2022-20244HigAug 11, 2022
    risk 0.49cvss 7.5epss 0.00

    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-1487HigJul 26, 2022
    risk 0.49cvss 7.5epss 0.01

    Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test.

  • CVE-2022-1485HigJul 26, 2022
    risk 0.49cvss 7.5epss 0.01

    Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-1145HigJul 23, 2022
    risk 0.49cvss 7.5epss 0.01

    Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction.

  • CVE-2022-20236HigJul 13, 2022
    risk 0.49cvss 7.5epss 0.00

    A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709

  • CVE-2022-20234HigJul 13, 2022
    risk 0.49cvss 7.5epss 0.00

    In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both 'mComponentName' and 'pkgTitle' from user.An unprivileged app can use a malicous mComponentName with a benign pkgTitle (e.g. Settings app) to make…

  • CVE-2022-20224HigJul 13, 2022
    risk 0.49cvss 7.5epss 0.01

    In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20190HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A

  • CVE-2022-20188HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A

  • CVE-2022-20184HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A

  • CVE-2022-20181HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-210936609References: N/A

  • CVE-2022-20179HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A

  • CVE-2022-20177HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-209906686References: N/A

  • CVE-2022-20175HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-209252491References: N/A

  • CVE-2022-20169HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A

  • CVE-2022-20168HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A

  • CVE-2022-20151HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A

  • CVE-2022-20149HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A

  • CVE-2022-20131HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.01

    In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-20123HigJun 15, 2022
    risk 0.49cvss 7.5epss 0.01

    In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39809HigApr 12, 2022
    risk 0.49cvss 7.5epss 0.01

    In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39762HigMar 30, 2022
    risk 0.49cvss 7.5epss 0.01

    In tremolo, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID:…

  • CVE-2021-39726HigMar 16, 2022
    risk 0.49cvss 7.5epss 0.01

    In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39716HigMar 16, 2022
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-206977562References: N/A

  • CVE-2021-39677HigFeb 11, 2022
    risk 0.49cvss 7.5epss 0.00

    In startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size.Product: AndroidVersions: Android-11Android ID: A-205097028

  • CVE-2021-39646HigDec 15, 2021
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A

  • CVE-2021-1045HigDec 15, 2021
    risk 0.49cvss 7.5epss 0.00

    Product: AndroidVersions: Android kernelAndroid ID: A-195580473References: N/A

  • CVE-2021-1022HigDec 15, 2021
    risk 0.49cvss 7.5epss 0.01

    In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0925HigDec 15, 2021
    risk 0.49cvss 7.5epss 0.01

    In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure due to a limited change in behavior based on the out of bounds data with no additional execution privileges needed.…

  • CVE-2021-37991HigNov 2, 2021
    risk 0.49cvss 7.5epss 0.01

    Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-30603HigAug 26, 2021
    risk 0.49cvss 7.5epss 0.04

    Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-0555HigJun 22, 2021
    risk 0.49cvss 7.5epss 0.01

    In RenderStruct of protostream_objectsource.cc, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

Page 99 of 229