Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-10 | CVE-2022-20352 | Missing Authorization vulnerability in Google Android 12.0/12.1 In addProviderRequestListener of LocationManagerService.java, there is a possible way to learn which packages request location information due to a missing permission check. | 5.5 |
| 2022-08-10 | CVE-2022-20353 | Improper Input Validation vulnerability in Google Android In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. | 5.5 |
| 2022-08-10 | CVE-2022-20355 | Improper Input Validation vulnerability in Google Android In get of PacProxyService.java, there is a possible system service crash due to improper input validation. | 5.5 |
| 2022-08-10 | CVE-2022-20357 | Use of Uninitialized Resource vulnerability in Google Android 12.0/12.1 In writeToParcel of SurfaceControl.cpp, there is a possible information disclosure due to uninitialized data. | 5.5 |
| 2022-08-05 | CVE-2022-33715 | Unspecified vulnerability in Google Android 11.0/12.0 Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI. | 5.5 |
| 2022-08-05 | CVE-2022-33716 | Use of Uninitialized Resource vulnerability in Google Android 11.0/12.0 An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory. | 4.4 |
| 2022-08-05 | CVE-2022-33717 | Out-of-bounds Read vulnerability in Google Android 11.0/12.0 A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local attackers to read out of bound memory. | 4.4 |
| 2022-08-05 | CVE-2022-33721 | Unspecified vulnerability in Google Android 12.0 A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege. | 5.5 |
| 2022-08-05 | CVE-2022-33723 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack. | 6.1 |
| 2022-08-05 | CVE-2022-33727 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows attackers to trick the user to select an unwanted bluetooth device via tapjacking/overlay attack. | 6.1 |