Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-33731 | Unspecified vulnerability in Google Android 11.0/12.0 Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. | 7.1 |
| 2022-08-05 | CVE-2022-33732 | Unspecified vulnerability in Google Android 12.0 Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call. | 7.1 |
| 2022-08-01 | CVE-2022-26429 | Missing Authorization vulnerability in Google Android 11.0/12.0 In cta, there is a possible way to write permission usage records of an app due to a missing permission check. | 7.8 |
| 2022-07-13 | CVE-2022-20212 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0 In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 7.8 |
| 2022-07-13 | CVE-2022-20218 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 12.0/12.1 In PermissionController, there is a possible way to get and retain permissions without user's consent due to a logic error in the code. | 7.8 |
| 2022-07-13 | CVE-2022-20220 | Path Traversal vulnerability in Google Android 12.0/12.1 In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. | 7.8 |
| 2022-07-13 | CVE-2022-20223 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. | 7.8 |
| 2022-07-13 | CVE-2022-20224 | Out-of-bounds Read vulnerability in Google Android In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. | 7.5 |
| 2022-07-13 | CVE-2022-20234 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 12.1 In Car Settings app, the NotificationAccessConfirmationActivity is exported. | 7.5 |
| 2022-07-13 | CVE-2022-20236 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709 | 7.5 |