Vulnerabilities > Google > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-33720 | Improper Authentication vulnerability in Google Android 10.0/11.0 Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut. | 2.4 |
| 2022-07-13 | CVE-2022-20227 | Out-of-bounds Read vulnerability in Google Android In USB driver, there is a possible out of bounds read due to a heap buffer overflow. | 2.1 |
| 2022-07-13 | CVE-2022-20226 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0/12.1 In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. | 3.3 |
| 2022-07-13 | CVE-2022-20225 | Missing Authorization vulnerability in Google Android In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. | 2.1 |
| 2022-07-13 | CVE-2022-20221 | Out-of-bounds Read vulnerability in Google Android In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. | 3.3 |
| 2022-07-12 | CVE-2022-33701 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent. | 3.3 |
| 2022-07-12 | CVE-2022-33700 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0 Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | 2.1 |
| 2022-07-12 | CVE-2022-33699 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0 Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | 2.1 |
| 2022-07-12 | CVE-2022-33698 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0 Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log. | 2.1 |
| 2022-07-12 | CVE-2022-33697 | Information Exposure Through Log Files vulnerability in Google Android 10.0/11.0/12.0 Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. | 2.1 |