Vulnerabilities > Google > Android > Low

DATE CVE VULNERABILITY TITLE RISK
2022-02-11 CVE-2022-24000 Unspecified vulnerability in Google Android 10.0/11.0/12.0
PendingIntent hijacking vulnerability in DataUsageReminderReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent.
local
low complexity
google
3.3
2022-02-11 CVE-2022-23999 Unspecified vulnerability in Google Android 10.0/11.0/12.0
PendingIntent hijacking vulnerability in CpaReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission in KnoxPrivacyNoticeReceiver via implicit Intent.
local
low complexity
google
3.3
2022-01-14 CVE-2021-39628 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0
In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due to a logic error in the code.
local
low complexity
google CWE-668
3.3
2022-01-10 CVE-2022-22272 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission
local
low complexity
google
3.3
2022-01-10 CVE-2022-22270 Files or Directories Accessible to External Parties vulnerability in Google Android 10.0/11.0/9.0
An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information.
local
low complexity
google CWE-552
3.3
2022-01-10 CVE-2022-22269 Files or Directories Accessible to External Parties vulnerability in Google Android 10.0/11.0/9.0
Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address.
local
low complexity
google CWE-552
3.3
2022-01-10 CVE-2022-22267 Files or Directories Accessible to External Parties vulnerability in Google Android
Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information.
local
low complexity
google CWE-552
3.3
2022-01-10 CVE-2022-22266 Improper Privilege Management vulnerability in Google Android 10.0/11.0/9.0
(Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission.
local
low complexity
google CWE-269
3.3
2021-12-15 CVE-2021-1034 Missing Authorization vulnerability in Google Android 12.0
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check.
local
low complexity
google CWE-862
3.3
2021-12-15 CVE-2021-1032 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3