Google Android vulnerabilities

9,646 known vulnerabilities affecting google/android.

Total CVEs

9,646

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL883HIGH5184MEDIUM3317LOW260UNKNOWN2

Vulnerabilities

Page 215 of 483

CVE-2022-20034MEDIUMCVSS 6.8v11.02022-02-09

CVE-2022-20034 [MEDIUM] CWE-295 CVE-2022-20034: In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate vali In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160

nvd

CVE-2022-20029MEDIUMCVSS 4.4v10.0v11.0+1 more2022-02-09

CVE-2022-20029 [MEDIUM] CWE-125 CVE-2022-20029: In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150.

nvd

CVE-2022-20039MEDIUMCVSS 6.7v11.02022-02-09

CVE-2022-20039 [MEDIUM] CWE-190 CVE-2022-20039: In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183345; Issue ID: ALPS06183345.

nvd

CVE-2022-20030MEDIUMCVSS 6.7v10.0v11.0+1 more2022-02-09

CVE-2022-20030 [MEDIUM] CWE-787 CVE-2022-20030: In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This co In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837793; Issue ID: ALPS05837793.

nvd

CVE-2022-20037MEDIUMCVSS 5.5v10.0v11.02022-02-09

CVE-2022-20037 [MEDIUM] CWE-20 CVE-2022-20037: In ion driver, there is a possible information disclosure due to an incorrect bounds check. This cou In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171705; Issue ID: ALPS06171705.

nvd

CVE-2022-20046MEDIUMCVSS 5.5v8.1v9.0+3 more2022-02-09

CVE-2022-20046 [MEDIUM] CWE-401 CVE-2022-20046: In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local d In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06142410; Issue ID: ALPS06142410.

nvd

CVE-2022-20032MEDIUMCVSS 4.1v10.0v11.0+1 more2022-02-09

CVE-2022-20032 [MEDIUM] CWE-362 CVE-2022-20032: In vow driver, there is a possible memory corruption due to a race condition. This could lead to loc In vow driver, there is a possible memory corruption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05852822; Issue ID: ALPS05852822.

nvd

CVE-2022-20017MEDIUMCVSS 5.5v10.0v11.0+1 more2022-02-09

CVE-2022-20017 [MEDIUM] CWE-20 CVE-2022-20017: In ion driver, there is a possible information disclosure due to an incorrect bounds check. This cou In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862991; Issue ID: ALPS05862991.

nvd

CVE-2022-20035MEDIUMCVSS 4.4v10.0v11.02022-02-09

CVE-2022-20035 [MEDIUM] CWE-416 CVE-2022-20035: In vcu driver, there is a possible information disclosure due to a use after free. This could lead t In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171675; Issue ID: ALPS06171675.

nvd

CVE-2022-20038MEDIUMCVSS 6.7v11.02022-02-09

CVE-2022-20038 [MEDIUM] CWE-787 CVE-2022-20038: In ccu driver, there is a possible memory corruption due to an incorrect bounds check. This could le In ccu driver, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183335; Issue ID: ALPS06183335.

nvd

CVE-2022-20042MEDIUMCVSS 5.5v8.1v9.0+3 more2022-02-09

CVE-2022-20042 [MEDIUM] CWE-755 CVE-2022-20042: In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487.

nvd

CVE-2021-30317CRITICALCVSS 9.32022-02-01

CVE-2021-30317 [CRITICAL] CVE-2021-30317: Closed-source component Android Security Bulletin 2022-02-01 CVE: CVE-2021-30317 Severity: CRITICAL Component: Closed-source component References: A-195750667*

android

CVE-2021-30309HIGHCVSS 7.82022-02-01

CVE-2021-30309 [HIGH] CVE-2021-30309: Closed-source component Android Security Bulletin 2022-02-01 CVE: CVE-2021-30309 Severity: HIGH Component: Closed-source component References: A-195750718*

android

CVE-2021-35074HIGHCVSS 8.42022-02-01

CVE-2021-35074 [HIGH] CVE-2021-35074: Kernel Android Security Bulletin 2022-02-01 CVE: CVE-2021-35074 Severity: HIGH Component: Kernel References: A-204905255 QC-CR#2998013

android

CVE-2020-13112HIGHCVSS 9.12022-02-01

CVE-2020-13112 [CRITICAL] CVE-2020-13112: Android Security Bulletin 2022-02-01 CVE: CVE-2020-13112 Severity: HIGH Type: EoP Affected AOSP versions: 10, 11 References: A-194342672* Android Security Bulletin 2022-02-01 CVE: CVE-2020-13112 Severity: HIGH Type: EoP Affected AOSP versions: 10, 11 References: A-194342672*

android

CVE-2021-39672HIGHCVSS 7.82022-02-01

CVE-2021-39672 [HIGH] CVE-2021-39672: Fastboot Android Security Bulletin 2022-02-01 CVE: CVE-2021-39672 Severity: HIGH Component: Fastboot References: A-202018701*

android

CVE-2021-39635HIGHCVSS 9.12022-02-01

CVE-2021-39635 [CRITICAL] CVE-2021-39635: ims_ex Android Security Bulletin 2022-02-01 CVE: CVE-2021-39635 Severity: HIGH Component: ims_ex References: A-206492634 U-1731024*

android

CVE-2020-13113HIGHCVSS 8.22022-02-01

CVE-2020-13113 [HIGH] CVE-2020-13113: Android Security Bulletin 2022-02-01 CVE: CVE-2020-13113 Severity: HIGH Type: EoP Affected AOSP versions: 10, 11 References: A-196085005* Android Security Bulletin 2022-02-01 CVE: CVE-2020-13113 Severity: HIGH Type: EoP Affected AOSP versions: 10, 11 References: A-196085005*

android

CVE-2021-35068HIGHCVSS 8.42022-02-01

CVE-2021-35068 [HIGH] CVE-2021-35068: Bluetooth Android Security Bulletin 2022-02-01 CVE: CVE-2021-35068 Severity: HIGH Component: Bluetooth References: A-202025798 QC-CR#2982971

android

CVE-2021-30326HIGHCVSS 7.52022-02-01

CVE-2021-30326 [HIGH] CVE-2021-30326: Closed-source component Android Security Bulletin 2022-02-01 CVE: CVE-2021-30326 Severity: HIGH Component: Closed-source component References: A-195751080*

android

← Previous215 / 483Next →