Vulnerabilities > Google > Android > 10.0

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-39882 Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0
Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary code.
local
low complexity
google CWE-787
7.8
2022-11-09 CVE-2022-39883 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0/12.0
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.
local
low complexity
google CWE-732
7.8
2022-11-09 CVE-2022-39884 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.
local
low complexity
google
3.3
2022-11-09 CVE-2022-39885 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information.
local
low complexity
google
3.3
2022-11-09 CVE-2022-39886 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.
local
low complexity
google CWE-668
3.3
2022-11-09 CVE-2022-39887 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.
local
low complexity
google CWE-732
3.3
2022-11-08 CVE-2022-20414 Improper Check for Unusual or Exceptional Conditions vulnerability in Google Android
In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception.
local
low complexity
google CWE-754
5.5
2022-11-08 CVE-2022-20426 Resource Exhaustion vulnerability in Google Android
In multiple functions of many files, there is a possible obstruction of the user's ability to select a phone account due to resource exhaustion.
local
low complexity
google CWE-400
5.5
2022-11-08 CVE-2022-20441 Unspecified vulnerability in Google Android
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code.
local
low complexity
google
7.8
2022-11-08 CVE-2022-20445 Out-of-bounds Read vulnerability in Google Android
In process_service_search_rsp of sdp_discovery.cc, there is a possible out of bounds read due to improper input validation.
network
low complexity
google CWE-125
7.5