Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-13 | CVE-2022-20217 | Unspecified vulnerability in Google Android There is a unauthorized broadcast in the SprdContactsProvider. | 6.5 |
| 2022-07-13 | CVE-2022-20219 | Cleartext Storage of Sensitive Information vulnerability in Google Android In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user's directories unencrypted due to a logic error in the code. | 5.5 |
| 2022-07-13 | CVE-2022-20221 | Out-of-bounds Read vulnerability in Google Android In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. | 6.5 |
| 2022-07-13 | CVE-2022-20225 | Missing Authorization vulnerability in Google Android In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. | 5.5 |
| 2022-07-13 | CVE-2022-20227 | Out-of-bounds Read vulnerability in Google Android In USB driver, there is a possible out of bounds read due to a heap buffer overflow. | 5.5 |
| 2022-07-13 | CVE-2022-20228 | Use After Free vulnerability in Google Android 12.0/12.1 In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. | 6.5 |
| 2022-07-13 | CVE-2022-20230 | Improper Encoding or Escaping of Output vulnerability in Google Android In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. | 5.5 |
| 2022-07-12 | CVE-2022-30758 | Incorrect Default Permissions vulnerability in Google Android 10.0/11.0/12.0 Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder. | 5.5 |
| 2022-07-12 | CVE-2022-33685 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information. | 5.5 |
| 2022-07-12 | CVE-2022-33691 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 10.0/11.0/12.0 A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. | 4.7 |