Google Android vulnerabilities

CVE-2022-20262 [LOW] CWE-862 CVE-2022-20262: In ActivityManager, there is a possible way to check another process's capabilities due to a missing In ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218338453

CVE-2022-20315 [LOW] CWE-862 CVE-2022-20315: In ActivityManager, there is a possible disclosure of installed packages due to a missing permission In ActivityManager, there is a possible disclosure of installed packages due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-191058227

CVE-2022-20309 [LOW] CWE-203 CVE-2022-20309: In PackageInstaller, there is a possible way to determine whether an app is installed, without query In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-19

CVE-2022-20339 [LOW] CVE-2022-20339: In Android, there is a possible access of network neighbor table information due to an insecure SEpo In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration. This could lead to local information disclosure of network topography with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-171572148

CVE-2022-20328 [LOW] CWE-862 CVE-2022-20328: In PackageManager, there is a possible way to determine whether an app is installed due to a missing In PackageManager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-184948501

CVE-2022-20316 [LOW] CWE-203 CVE-2022-20316: In ContentResolver, there is a possible way to determine whether an app is installed, without query In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-1907

CVE-2022-20342 [LOW] CWE-1188 CVE-2022-20342: In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-143534321

CVE-2022-20310 [LOW] CWE-862 CVE-2022-20310: In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missi In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192663798

CVE-2022-20305 [LOW] CWE-862 CVE-2022-20305: In ContentService, there is a possible disclosure of available account types due to a missing permis In ContentService, there is a possible disclosure of available account types due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199751623

CVE-2022-20335 [LOW] CWE-862 CVE-2022-20335: In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been di In Wifi Slice, there is a possible way to adjust Wi-Fi settings even when the permission has been disabled due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-178014725

CVE-2022-20261 [LOW] CWE-862 CVE-2022-20261: In LocationManager, there is a possible way to get location information due to a missing permission In LocationManager, there is a possible way to get location information due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-219835125

CVE-2022-20327 [LOW] CWE-862 CVE-2022-20327: In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a mi In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185126813

CVE-2022-20247 [HIGH] CWE-787 CVE-2022-20247: In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to r In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229858836

CVE-2022-20244 [HIGH] CWE-787 CVE-2022-20244: In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201083240

CVE-2022-20250 [HIGH] CVE-2022-20250: In Messaging, there is a possible way to attach files to a message without proper access checks due In Messaging, there is a possible way to attach files to a message without proper access checks due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-226134095

CVE-2022-20246 [HIGH] CWE-276 CVE-2022-20246: In WindowManager, there is a possible bypass of the restrictions for starting activities from the ba In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-2304931

CVE-2022-20248 [HIGH] CVE-2022-20248: In Settings, there is a possible way to connect to an open network bypassing DISALLOW_CONFIG_WIFI re In Settings, there is a possible way to connect to an open network bypassing DISALLOW_CONFIG_WIFI restriction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227619193

CVE-2021-0734 [MEDIUM] CWE-668 CVE-2021-0734: In Settings, there is a possible way to determine whether an app is installed without query permissi In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure of an installed package, without proper query permissions, with no additional execution privileges needed. User interaction is not needed for exploitation.P

CVE-2021-0735 [MEDIUM] CWE-862 CVE-2021-0735: In PackageManager, there is a possible way to get information about installed packages ignoring limi In PackageManager, there is a possible way to get information about installed packages ignoring limitations introduced in Android 11 due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro

CVE-2021-0975 [MEDIUM] CWE-203 CVE-2021-0975: In USB Manager, there is a possible way to determine whether an app is installed, without query perm In USB Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure of installed packages with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-