Vulnerabilities > Google > Android > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-16 CVE-2022-20509 Out-of-bounds Write vulnerability in Google Android 13.0
In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
6.7
6.7
2022-12-16 CVE-2022-20510 Missing Authorization vulnerability in Google Android 13.0
In getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaming policy of other users due to a permissions bypass.
local
low complexity
google CWE-862
5.5
5.5
2022-12-16 CVE-2022-20511 Missing Authorization vulnerability in Google Android 13.0
In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission check.
local
low complexity
google CWE-862
5.5
5.5
2022-12-16 CVE-2022-20513 Out-of-bounds Read vulnerability in Google Android 13.0
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
5.5
5.5
2022-12-16 CVE-2022-20514 Use After Free vulnerability in Google Android 13.0
In acquireFabricatedOverlayIterator, nextFabricatedOverlayInfos, and releaseFabricatedOverlayIterator of Idmap2Service.cpp, there is a possible out of bounds write due to a use after free.
local
low complexity
google CWE-416
6.7
6.7
2022-12-16 CVE-2022-20515 Unspecified vulnerability in Google Android 13.0
In onPreferenceClick of AccountTypePreferenceLoader.java, there is a possible way to retrieve protected files from the Settings app due to a confused deputy.
local
low complexity
google
5.5
5.5
2022-12-16 CVE-2022-20517 SQL Injection vulnerability in Google Android 13.0
In getMessagesByPhoneNumber of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection.
local
low complexity
google CWE-89
5.5
5.5
2022-12-16 CVE-2022-20518 SQL Injection vulnerability in Google Android 13.0
In query of MmsSmsProvider.java, there is a possible access to restricted tables due to SQL injection.
local
low complexity
google CWE-89
5.5
5.5
2022-12-16 CVE-2022-20521 NULL Pointer Dereference vulnerability in Google Android 13.0
In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check.
local
low complexity
google CWE-476
5.0
5.0
2022-12-16 CVE-2022-20523 Out-of-bounds Read vulnerability in Google Android 13.0
In IncFs_GetFilledRangesStartingFrom of incfs.cpp, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
5.5
5.5