Vulnerabilities > Google > Android > 12.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-20498 | Out-of-bounds Read vulnerability in Google Android In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. | 4.4 |
| 2022-12-13 | CVE-2022-20500 | Improper Handling of Exceptional Conditions vulnerability in Google Android In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. | 5.5 |
| 2022-12-13 | CVE-2022-20501 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. | 7.3 |
| 2022-12-13 | CVE-2022-20611 | Incorrect Default Permissions vulnerability in Google Android In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. | 7.8 |
| 2022-12-08 | CVE-2022-39912 | Improper Handling of Exceptional Conditions vulnerability in Google Android Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder. | 3.3 |
| 2022-12-08 | CVE-2022-39913 | Incorrect Authorization vulnerability in Google Android Exposure of Sensitive Information to an Unauthorized Actor in Persona Manager prior to Android T(13) allows local attacker to access user profiles information. | 3.3 |
| 2022-12-08 | CVE-2022-39914 | Incorrect Authorization vulnerability in Google Android Exposure of Sensitive Information from an Unauthorized Actor vulnerability in Samsung DisplayManagerService prior to Android T(13) allows local attacker to access connected DLNA device information. | 3.3 |
| 2022-11-08 | CVE-2022-20414 | Improper Handling of Exceptional Conditions vulnerability in Google Android In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception. | 5.5 |
| 2022-11-08 | CVE-2022-20426 | Improper Check for Unusual or Exceptional Conditions vulnerability in Google Android In multiple functions of many files, there is a possible obstruction of the user's ability to select a phone account due to resource exhaustion. | 5.5 |
| 2022-11-08 | CVE-2022-20441 | Unspecified vulnerability in Google Android In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. | 7.8 |