Google Android vulnerabilities

9,646 known vulnerabilities affecting google/android.

Total CVEs

9,646

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL883HIGH5184MEDIUM3317LOW260UNKNOWN2

Vulnerabilities

Page 177 of 483

CVE-2022-36847HIGHCVSS 7.8v10.02022-09-09

CVE-2022-36847 [HIGH] CWE-416 CVE-2022-36847: Use after free vulnerability in mtp_send_signal function of MTP driver prior to SMR Sep-2022 Release Use after free vulnerability in mtp_send_signal function of MTP driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.

nvd

CVE-2022-36862HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36862 [HIGH] CWE-122 CVE-2022-36862: A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.sp A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-39119HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-39119 [HIGH] CWE-862 CVE-2022-39119: In network service, there is a missing permission check. This could lead to local escalation of priv In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

nvd

CVE-2022-36858HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36858 [HIGH] CWE-122 CVE-2022-36858: A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognition A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36845HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36845 [HIGH] CWE-122 CVE-2022-36845: A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk. A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36849HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36849 [HIGH] CWE-416 CVE-2022-36849: Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver prior to SMR S Use after free vulnerability in sdp_mm_set_process_sensitive function of sdpmm driver prior to SMR Sep-2022 Release 1 allows attackers to perform malicious actions.

nvd

CVE-2022-36863HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36863 [HIGH] CWE-122 CVE-2022-36863: A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc function in libSDKRecognitionTe A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36846HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36846 [HIGH] CWE-122 CVE-2022-36846: A heap-based overflow vulnerability in ConstructDictionary function in libSDKRecognitionText.spensdk A heap-based overflow vulnerability in ConstructDictionary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36844HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36844 [HIGH] CWE-122 CVE-2022-36844: A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct() in libSDKRecognitionText.spen A heap-based overflow vulnerability in HWR::EngJudgeModel::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36843HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36843 [HIGH] CWE-122 CVE-2022-36843: A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk. A heap-based overflow vulnerability in MHW_RECOG_LIB_INFO function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36842HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36842 [HIGH] CWE-122 CVE-2022-36842: A heap-based overflow vulnerability in prepareRecogLibrary function in libSDKRecognitionText.spensdk A heap-based overflow vulnerability in prepareRecogLibrary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36855HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36855 [HIGH] CWE-416 CVE-2022-36855: A use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to A use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36841HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36841 [HIGH] CWE-122 CVE-2022-36841: A heap-based overflow vulnerability in PrepareRecogLibrary_Part function in libSDKRecognitionText.sp A heap-based overflow vulnerability in PrepareRecogLibrary_Part function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36860HIGHCVSS 7.8v10.0v11.0+1 more2022-09-09

CVE-2022-36860 [HIGH] CWE-122 CVE-2022-36860: A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.sam A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

nvd

CVE-2022-36853HIGHCVSS 7.5v10.0v11.0+1 more2022-09-09

CVE-2022-36853 [HIGH] CWE-20 CVE-2022-36853: Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive information.

nvd

CVE-2022-36850MEDIUMCVSS 4.7v12.02022-09-09

CVE-2022-36850 [MEDIUM] CWE-20 CVE-2022-36850: Path traversal vulnerability in CallBGProvider prior to SMR Sep-2022 Release 1 allows attacker to ov Path traversal vulnerability in CallBGProvider prior to SMR Sep-2022 Release 1 allows attacker to overwrite arbitrary file with phone uid.

nvd

CVE-2022-36848MEDIUMCVSS 5.5v10.0v11.0+1 more2022-09-09

CVE-2022-36848 [MEDIUM] CWE-285 CVE-2022-36848: Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1 allows l Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1 allows local attackers to cause local permanent denial of service.

nvd

CVE-2022-36861MEDIUMCVSS 5.3v10.0v11.0+1 more2022-09-09

CVE-2022-36861 [MEDIUM] CWE-269 CVE-2022-36861: Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker t Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege.

nvd

CVE-2022-36854MEDIUMCVSS 5.5v10.0v11.0+1 more2022-09-09

CVE-2022-36854 [MEDIUM] CWE-20 CVE-2022-36854: Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker acc Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker access unauthorized information.

nvd

CVE-2022-36852LOWCVSS 3.3v11.0v12.02022-09-09

CVE-2022-36852 [LOW] CWE-285 CVE-2022-36852: Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local at Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data.

nvd

← Previous177 / 483Next →