Vulnerabilities > Google > Android > Low

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-39879 Missing Authorization vulnerability in Google Android 11.0/12.0
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.
local
low complexity
google CWE-862
3.3
2022-11-09 CVE-2022-39884 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.
local
low complexity
google
3.3
2022-11-09 CVE-2022-39885 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information.
local
low complexity
google
3.3
2022-11-09 CVE-2022-39886 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.
local
low complexity
google CWE-668
3.3
2022-11-09 CVE-2022-39887 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.
local
low complexity
google CWE-732
3.3
2022-11-08 CVE-2022-20446 Missing Authorization vulnerability in Google Android 10.0/11.0
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check.
local
low complexity
google CWE-862
3.3
2022-11-08 CVE-2022-20463 Unspecified vulnerability in Google Android
In factoryReset of WifiServiceImpl, there is a possible way to preserve WiFi settings due to a logic error in the code.
local
low complexity
google
3.3
2022-10-07 CVE-2022-36868 Unspecified vulnerability in Google Android 11.0/12.0
Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device.
local
low complexity
google
3.3
2022-10-07 CVE-2022-39848 Information Exposure vulnerability in Google Android 10.0/11.0/12.0
Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log.
local
low complexity
google CWE-200
3.3
2022-10-07 CVE-2022-39849 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
local
low complexity
google
3.3