Vulnerabilities > Google > Android > Low

DATE CVE VULNERABILITY TITLE RISK
2022-10-07 CVE-2022-39856 Unspecified vulnerability in Google Android 12.0
Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information.
local
low complexity
google
3.3
2022-10-07 CVE-2022-39851 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission.
local
low complexity
google
3.3
2022-10-07 CVE-2022-39850 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
local
low complexity
google
3.3
2022-10-07 CVE-2022-39849 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
local
low complexity
google
3.3
2022-10-07 CVE-2022-39848 Information Exposure vulnerability in Google Android 10.0/11.0/12.0
Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log.
local
low complexity
google CWE-200
3.3
2022-10-07 CVE-2022-36868 Unspecified vulnerability in Google Android 11.0/12.0
Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device.
local
low complexity
google
3.3
2022-09-09 CVE-2022-36857 Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.
low complexity
google samsung
2.4
2022-09-09 CVE-2022-36856 Missing Authorization vulnerability in Google Android 12.0
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission.
local
low complexity
google CWE-862
3.3
2022-09-09 CVE-2022-36852 Unspecified vulnerability in Google Android 11.0/12.0
Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data.
local
low complexity
google
3.3
2022-08-12 CVE-2022-20342 Insecure Default Initialization of Resource vulnerability in Google Android 13.0
In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value.
local
low complexity
google CWE-1188
3.3