Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-12 | CVE-2022-20342 | Insecure Default Initialization of Resource vulnerability in Google Android 13.0 In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. | 3.3 |
| 2022-08-11 | CVE-2022-20241 | Improper Input Validation vulnerability in Google Android 13.0.0 In Messaging, there is a possible way to attach a private file to an SMS message due to improper input validation. | 3.3 |
| 2022-08-11 | CVE-2022-20245 | Unspecified vulnerability in Google Android 13.0.0 In WindowManager, there is a possible method to create a recording of the lock screen due to an insecure default value. low complexity google | 2.4 |
| 2022-08-11 | CVE-2022-20249 | Information Exposure Through Discrepancy vulnerability in Google Android 13.0.0 In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
| 2022-08-11 | CVE-2022-20251 | Information Exposure Through Discrepancy vulnerability in Google Android 13.0.0 In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
| 2022-08-11 | CVE-2022-20252 | Information Exposure Through Discrepancy vulnerability in Google Android 13.0.0 In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
| 2022-08-10 | CVE-2022-20358 | Missing Authorization vulnerability in Google Android In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected content of content providers due to a missing permission check. | 3.3 |
| 2022-08-10 | CVE-2022-30629 | Use of Insufficiently Random Values vulnerability in Golang GO Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. | 3.1 |
| 2022-08-05 | CVE-2022-2307 | Incomplete Cleanup vulnerability in Gitlab A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited. | 3.8 |
| 2022-08-05 | CVE-2022-2456 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. | 2.7 |