Google Android vulnerabilities

9,646 known vulnerabilities affecting google/android.

Total CVEs

9,646

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL883HIGH5184MEDIUM3317LOW260UNKNOWN2

Vulnerabilities

Page 205 of 483

CVE-2022-20065MEDIUMCVSS 6.7v10.0v11.0+1 more2022-04-11

CVE-2022-20065 [MEDIUM] CWE-125 CVE-2022-20065: In ccci, there is a possible out of bounds read due to a missing bounds check. This could lead to lo In ccci, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108658; Issue ID: ALPS06108658.

nvd

CVE-2022-20078MEDIUMCVSS 6.4v11.0v12.02022-04-11

CVE-2022-20078 [MEDIUM] CWE-362 CVE-2022-20078: In vow, there is a possible memory corruption due to a race condition. This could lead to local esca In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05852819; Issue ID: ALPS05852819.

nvd

CVE-2022-20064MEDIUMCVSS 6.7v10.0v11.0+1 more2022-04-11

CVE-2022-20064 [MEDIUM] CWE-125 CVE-2022-20064: In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lea In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617.

nvd

CVE-2022-25831MEDIUMCVSS 4.6v10.0v11.0+1 more2022-04-11

CVE-2022-25831 [MEDIUM] CWE-284 CVE-2022-25831: Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical at Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions.

nvd

CVE-2022-20075MEDIUMCVSS 6.7v10.0v11.0+1 more2022-04-11

CVE-2022-20075 [MEDIUM] CWE-190 CVE-2022-20075: In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05838808.

nvd

CVE-2022-27831MEDIUMCVSS 4.4v10.0v11.0+1 more2022-04-11

CVE-2022-27831 [MEDIUM] CWE-125 CVE-2022-27831: Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allo Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allows attackers to read out of bounds memory.

nvd

CVE-2022-20079MEDIUMCVSS 4.4v10.0v11.02022-04-11

CVE-2022-20079 [MEDIUM] CWE-908 CVE-2022-20079: In vow, there is a possible read of uninitialized data due to a improper input validation. This coul In vow, there is a possible read of uninitialized data due to a improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05857289.

nvd

CVE-2022-20072MEDIUMCVSS 6.7v11.0v12.02022-04-11

CVE-2022-20072 [MEDIUM] CWE-697 CVE-2022-20072: In search engine service, there is a possible way to change the default search engine due to an inco In search engine service, there is a possible way to change the default search engine due to an incorrect comparison. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06219118; Issue ID: ALPS06219118.

nvd

CVE-2022-25832MEDIUMCVSS 6.8v11.0v12.02022-04-11

CVE-2022-25832 [MEDIUM] CWE-287 CVE-2022-25832: Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical at Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication.

nvd

CVE-2022-26090LOWCVSS 3.3v10.0v11.02022-04-11

CVE-2022-26090 [LOW] CWE-815 CVE-2022-26090: Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows that Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows that attackers can access contact information without permission.

nvd

CVE-2022-27576LOWCVSS 3.3v10.0v11.0+1 more2022-04-11

CVE-2022-27576 [LOW] CWE-200 CVE-2022-27576: Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to a Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission

nvd

CVE-2022-25833LOWCVSS 3.3v10.0v11.02022-04-11

CVE-2022-25833 [LOW] CWE-287 CVE-2022-25833: Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI w Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission.

nvd

CVE-2022-27832LOWCVSS 3.3v10.0v11.0+1 more2022-04-11

CVE-2022-27832 [LOW] CWE-125 CVE-2022-27832: Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.

nvd

CVE-2022-27575LOWCVSS 3.3v10.0v11.0+1 more2022-04-11

CVE-2022-27575 [LOW] CWE-200 CVE-2022-27575: Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.

nvd

CVE-2021-30339CRITICALCVSS 9.02022-04-01

CVE-2021-30339 [CRITICAL] CVE-2021-30339: Closed-source component Android Security Bulletin 2022-04-01 CVE: CVE-2021-30339 Severity: CRITICAL Component: Closed-source component References: A-202025975 *

android

CVE-2021-30347CRITICALCVSS 9.12022-04-01

CVE-2021-30347 [CRITICAL] CVE-2021-30347: Closed-source component Android Security Bulletin 2022-04-01 CVE: CVE-2021-30347 Severity: CRITICAL Component: Closed-source component References: A-202025598 *

android

CVE-2021-30343CRITICALCVSS 9.12022-04-01

CVE-2021-30343 [CRITICAL] CVE-2021-30343: Closed-source component Android Security Bulletin 2022-04-01 CVE: CVE-2021-30343 Severity: CRITICAL Component: Closed-source component References: A-202025978 *

android

CVE-2021-35104CRITICALCVSS 9.82022-04-01

CVE-2021-35104 [CRITICAL] CVE-2021-35104: Closed-source component Android Security Bulletin 2022-04-01 CVE: CVE-2021-35104 Severity: CRITICAL Component: Closed-source component References: A-213240044 *

android

CVE-2021-35081CRITICALCVSS 9.82022-04-01

CVE-2021-35081 [CRITICAL] CVE-2021-35081: WLAN Android Security Bulletin 2022-04-01 CVE: CVE-2021-35081 Severity: CRITICAL Component: WLAN References: A-213239834 QC-CR#3028274

android

CVE-2021-35123CRITICALCVSS 8.82022-04-01

CVE-2021-35123 [HIGH] CVE-2021-35123: Bluetooth Android Security Bulletin 2022-04-01 CVE: CVE-2021-35123 Severity: CRITICAL Component: Bluetooth References: A-213239948 QC-CR#3032290

android

← Previous205 / 483Next →