Vulnerabilities > Google > Low

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2022-22266 Improper Privilege Management vulnerability in Google Android 10.0/11.0/9.0
(Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission.
local
low complexity
google CWE-269
3.3
2021-12-15 CVE-2021-1034 Missing Authorization vulnerability in Google Android 12.0
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check.
local
low complexity
google CWE-862
3.3
2021-12-15 CVE-2021-1032 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3
2021-12-15 CVE-2021-1031 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3
2021-12-15 CVE-2021-1018 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3
2021-12-15 CVE-2021-1015 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3
2021-12-15 CVE-2021-0995 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3
2021-12-15 CVE-2021-0994 Missing Authorization vulnerability in Google Android 12.0
In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check.
local
low complexity
google CWE-862
3.3
2021-12-15 CVE-2021-0992 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0
In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app without user consent due to tapjack overlay.
local
low complexity
google CWE-1021
3.3
2021-12-15 CVE-2021-0991 Information Exposure Through Log Files vulnerability in Google Android 12.0
In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure.
low complexity
google CWE-532
2.4