Vulnerabilities > Google > Android > Low

DATE CVE VULNERABILITY TITLE RISK
2023-05-15 CVE-2023-20726 Missing Authorization vulnerability in multiple products
In mnld, there is a possible leak of GPS location due to a missing permission check.
3.3
2023-02-28 CVE-2023-20932 Improper Input Validation vulnerability in Google Android
In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation.
local
low complexity
google CWE-20
3.3
2022-12-16 CVE-2022-20562 Unspecified vulnerability in Google Android
In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code.
local
low complexity
google
3.3
2022-12-16 CVE-2022-20559 Information Exposure Through Discrepancy vulnerability in Google Android 13.0
In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3
2022-12-16 CVE-2022-20558 Unspecified vulnerability in Google Android 13.0
In registerReceivers of DeviceCapabilityListener.java, there is a possible way to change preferred TTY mode due to a permissions bypass.
local
low complexity
google
3.3
2022-12-16 CVE-2022-20556 Missing Authorization vulnerability in Google Android 13.0
In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check.
local
low complexity
google CWE-862
3.3
2022-12-16 CVE-2022-20543 Improper Validation of Specified Quantity in Input vulnerability in Google Android 13.0
In multiple locations, there is a possible display crash loop due to improper input validation.
local
low complexity
google CWE-1284
2.3
2022-12-16 CVE-2022-20537 Missing Authorization vulnerability in Google Android 13.0
In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check.
local
low complexity
google CWE-862
3.3
2022-12-16 CVE-2022-20536 Missing Authorization vulnerability in Google Android 13.0
In registerBroadcastReceiver of RcsService.java, there is a possible way to change preferred TTY mode due to a missing permission check.
local
low complexity
google CWE-862
3.3
2022-12-16 CVE-2022-20535 Information Exposure Through Discrepancy vulnerability in Google Android 13.0
In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3