Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-20482 | Resource Exhaustion vulnerability in Google Android 12.0/12.1/13.0 In createNotificationChannel of NotificationManager.java, there is a possible way to make the device unusable and require factory reset due to resource exhaustion. | 5.5 |
| 2022-12-13 | CVE-2022-20496 | Use After Free vulnerability in Google Android 12.0/12.1/13.0 In setDataSource of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. | 5.5 |
| 2022-12-13 | CVE-2022-20497 | Unspecified vulnerability in Google Android 12.0/12.1/13.0 In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. low complexity google | 4.6 |
| 2022-12-13 | CVE-2022-20498 | Out-of-bounds Read vulnerability in Google Android In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. | 4.4 |
| 2022-12-13 | CVE-2022-20500 | Improper Handling of Exceptional Conditions vulnerability in Google Android In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. | 5.5 |
| 2022-12-13 | CVE-2022-20502 | Use After Free vulnerability in Google Android 13.0 In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. | 5.5 |
| 2022-12-08 | CVE-2022-39897 | Information Exposure Through Log Files vulnerability in Google Android 10.0/11.0/12.0 Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log. | 5.5 |
| 2022-12-08 | CVE-2022-39899 | Improper Authentication vulnerability in Google Android Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture. | 4.3 |
| 2022-12-08 | CVE-2022-39900 | Unspecified vulnerability in Google Android 11.0/12.0/13.0 Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch. low complexity google | 4.6 |
| 2022-12-08 | CVE-2022-39905 | Unspecified vulnerability in Google Android Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent. | 5.5 |