Google Android vulnerabilities

9,646 known vulnerabilities affecting google/android.

Total CVEs

9,646

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL883HIGH5184MEDIUM3317LOW260UNKNOWN2

Vulnerabilities

Page 164 of 483

CVE-2022-39899MEDIUMCVSS 4.3v10.0v11.0+2 more2022-12-08

CVE-2022-39899 [MEDIUM] CWE-287 CVE-2022-39899: Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.

nvd

CVE-2022-39904LOWCVSS 3.3v10.0v11.0+1 more2022-12-08

CVE-2022-39904 [LOW] CWE-200 CVE-2022-39904: Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log.

nvd

CVE-2022-39898LOWCVSS 3.3v10.0v11.0+2 more2022-12-08

CVE-2022-39898 [LOW] CWE-284 CVE-2022-39898: Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attack Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.

nvd

CVE-2022-39906LOWCVSS 3.3v10.0v11.0+2 more2022-12-08

CVE-2022-39906 [LOW] CWE-284 CVE-2022-39906: Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.

nvd

CVE-2022-39914LOWCVSS 3.3fixed in 13.02022-12-08

CVE-2022-39914 [LOW] CWE-200 CVE-2022-39914: Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManager Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information.

nvd

CVE-2022-39903LOWCVSS 3.3v10.0v11.0+2 more2022-12-08

CVE-2022-39903 [LOW] CWE-200 CVE-2022-39903: Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attac Improper access control vulnerability in RCS call prior to SMR Dec-2022 Release 1 allows local attackers to access RCS incoming call number.

nvd

CVE-2022-39913LOWCVSS 3.3fixed in 13.02022-12-08

CVE-2022-39913 [LOW] CWE-200 CVE-2022-39913: Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information.

nvd

CVE-2022-39895LOWCVSS 3.3v10.0v11.0+1 more2022-12-08

CVE-2022-39895 [LOW] CWE-284 CVE-2022-39895: Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 a Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.

nvd

CVE-2022-39912LOWCVSS 3.3fixed in 13.02022-12-08

CVE-2022-39912 [LOW] CWE-280 CVE-2022-39912: Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManag Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder.

nvd

CVE-2022-39894LOWCVSS 3.3v10.0v11.0+1 more2022-12-08

CVE-2022-39894 [LOW] CWE-284 CVE-2022-39894: Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-20 Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.

nvd

CVE-2022-39896LOWCVSS 3.3v10.0v11.0+1 more2022-12-08

CVE-2022-39896 [LOW] CWE-284 CVE-2022-39896: Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.

nvd

CVE-2022-39095HIGHCVSS 7.8v10.0v11.0+1 more2022-12-06

CVE-2022-39095 [HIGH] CWE-862 CVE-2022-39095: In power management service, there is a missing permission check. This could lead to set up power ma In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

nvd

CVE-2022-39101HIGHCVSS 7.8v10.0v11.0+1 more2022-12-06

CVE-2022-39101 [HIGH] CWE-862 CVE-2022-39101: In power management service, there is a missing permission check. This could lead to set up power ma In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

nvd

CVE-2022-42777HIGHCVSS 7.8v10.0v11.0+1 more2022-12-06

CVE-2022-42777 [HIGH] CWE-862 CVE-2022-42777: In power management service, there is a missing permission check. This could lead to set up power ma In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

nvd

CVE-2022-39098HIGHCVSS 7.8v10.0v11.0+1 more2022-12-06

CVE-2022-39098 [HIGH] CWE-862 CVE-2022-39098: In power management service, there is a missing permission check. This could lead to set up power ma In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

nvd

CVE-2022-39096HIGHCVSS 7.8v10.0v11.0+1 more2022-12-06

CVE-2022-39096 [HIGH] CWE-862 CVE-2022-39096: In power management service, there is a missing permission check. This could lead to set up power ma In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

nvd

CVE-2022-42778HIGHCVSS 7.8v11.02022-12-06

CVE-2022-42778 [HIGH] CWE-862 CVE-2022-42778: In windows manager service, there is a missing permission check. This could lead to set up windows m In windows manager service, there is a missing permission check. This could lead to set up windows manager service with no additional execution privileges needed.

nvd

CVE-2022-39099HIGHCVSS 7.8v10.0v11.0+1 more2022-12-06

CVE-2022-39099 [HIGH] CWE-862 CVE-2022-39099: In power management service, there is a missing permission check. This could lead to set up power ma In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

nvd

CVE-2022-39102HIGHCVSS 7.8v10.0v11.0+1 more2022-12-06

CVE-2022-39102 [HIGH] CWE-862 CVE-2022-39102: In power management service, there is a missing permission check. This could lead to set up power ma In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

nvd

CVE-2022-39093HIGHCVSS 7.8v10.0v11.0+1 more2022-12-06

CVE-2022-39093 [HIGH] CWE-862 CVE-2022-39093: In power management service, there is a missing permission check. This could lead to set up power ma In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.

nvd

← Previous164 / 483Next →