Vulnerabilities > Google > Android > Low

DATE CVE VULNERABILITY TITLE RISK
2022-12-06 CVE-2022-42757 Out-of-bounds Read vulnerability in Google Android 10.0/11.0/12.0
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
local
low complexity
google CWE-125
3.3
2022-11-09 CVE-2022-39887 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.
local
low complexity
google
3.3
2022-11-09 CVE-2022-39886 Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.
local
low complexity
google CWE-755
3.3
2022-11-09 CVE-2022-39885 Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information.
local
low complexity
google CWE-755
3.3
2022-11-09 CVE-2022-39884 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.
local
low complexity
google
3.3
2022-11-09 CVE-2022-39879 Unspecified vulnerability in Google Android 11.0/12.0
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.
local
low complexity
google
3.3
2022-11-08 CVE-2022-20446 Missing Authorization vulnerability in Google Android 10.0/11.0
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check.
local
low complexity
google CWE-862
3.3
2022-10-07 CVE-2022-39856 Unspecified vulnerability in Google Android 12.0
Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information.
local
low complexity
google
3.3
2022-10-07 CVE-2022-39851 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission.
local
low complexity
google
3.3
2022-10-07 CVE-2022-39850 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
local
low complexity
google
3.3