Vulnerabilities > Google > Android > 10.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-13 | CVE-2022-20212 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0 In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 4.4 |
2022-07-13 | CVE-2022-20219 | Missing Encryption of Sensitive Data vulnerability in Google Android In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user's directories unencrypted due to a logic error in the code. | 2.1 |
2022-07-13 | CVE-2022-20221 | Out-of-bounds Read vulnerability in Google Android In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. | 3.3 |
2022-07-13 | CVE-2022-20223 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. | 7.2 |
2022-07-13 | CVE-2022-20224 | Out-of-bounds Read vulnerability in Google Android In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. | 5.0 |
2022-07-13 | CVE-2022-20225 | Missing Authorization vulnerability in Google Android In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. | 2.1 |
2022-07-13 | CVE-2022-20229 | Out-of-bounds Write vulnerability in Google Android In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. | 10.0 |
2022-07-13 | CVE-2022-20230 | Improper Input Validation vulnerability in Google Android In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. | 1.9 |
2022-07-12 | CVE-2022-30750 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected. | 2.1 |
2022-07-12 | CVE-2022-30751 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_DHCPACK_EVENT action. | 2.1 |