Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-14 | CVE-2022-22450 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Identity Manager 10.0 could allow a privileged user to upload a malicious file by bypassing extension security in an HTTP request. | 3.8 |
| 2022-07-13 | CVE-2022-20226 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0/12.1 In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. | 3.9 |
| 2022-07-12 | CVE-2022-30750 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in updateLastConnectedClientInfo function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected. | 3.3 |
| 2022-07-12 | CVE-2022-30751 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_DHCPACK_EVENT action. | 3.3 |
| 2022-07-12 | CVE-2022-30752 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in sendDHCPACKBroadcast function of SemWifiApClient prior to SMR Jul-2022 Release 1 allows attacker to access wifi ap client mac address that connected by using WIFI_AP_STA_STATE_CHANGED action. | 3.3 |
| 2022-07-12 | CVE-2022-30753 | Incorrect Default Permissions vulnerability in Google Android 10.0/11.0/12.0 Improper use of a unique device ID in unprotected SecSoterService prior to SMR Jul-2022 Release 1 allows local attackers to get the device ID without permission. | 3.3 |
| 2022-07-12 | CVE-2022-30757 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain CID without ACCESS_FINE_LOCATION permission. | 3.3 |
| 2022-07-12 | CVE-2022-33686 | Files or Directories Accessible to External Parties vulnerability in Google Android 10.0/11.0/12.0 Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | 2.3 |
| 2022-07-12 | CVE-2022-33687 | Information Exposure Through Log Files vulnerability in Google Android 10.0/11.0/12.0 Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log. | 3.3 |
| 2022-07-12 | CVE-2022-33688 | Information Exposure Through Log Files vulnerability in Google Android 10.0/11.0/12.0 Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log. | 3.3 |