CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20919
https://notcve.org/view.php?id=CVE-2023-20919
24 Jan 2023 — In getStringsForPrefix of Settings.java, there is a possible prevention of package uninstallation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-252663068 En getStringsForPrefix de Settings.java, existe una posible prevención de la desinstalación del paquete debido a un error lógico en el código. Esto podría conducir a una escal... • https://source.android.com/security/bulletin/2023-01-01 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-20490
https://notcve.org/view.php?id=CVE-2022-20490
24 Jan 2023 — In multiple functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703505 • https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2022-20490 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20922
https://notcve.org/view.php?id=CVE-2023-20922
24 Jan 2023 — In setMimeGroup of PackageManagerService.java, there is a possible crash loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-237291548 En setMimeGroup de PackageManagerService.java, existe un posible bucle de bloqueo debido al agotamiento de los recursos. Esto podría provocar una denegación de servicio loca... • https://source.android.com/security/bulletin/2023-01-01 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2022-20494
https://notcve.org/view.php?id=CVE-2022-20494
24 Jan 2023 — In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-243794204 En AutomaticZenRule de AutomaticZenRule.java, existe un posible DoS persistente debido al agotamiento de recursos. Esto podría provocar una denegación de servi... • https://github.com/Supersonic/CVE-2022-20494 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-20215
https://notcve.org/view.php?id=CVE-2022-20215
24 Jan 2023 — In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183794206 • https://source.android.com/security/bulletin/aaos/2023-01-01 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-38682
https://notcve.org/view.php?id=CVE-2022-38682
04 Jan 2023 — In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. En el servicio de contactos, falta una verificación de permiso. Esto podría provocar una denegación de servicio local en el servicio de contactos sin necesidad de privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-44435
https://notcve.org/view.php?id=CVE-2022-44435
04 Jan 2023 — In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. En el servicio de mensajería, falta una verificación de permisos. Esto podría provocar una denegación de servicio local en el servicio de contactos sin necesidad de privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-44424
https://notcve.org/view.php?id=CVE-2022-44424
04 Jan 2023 — In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. En el servicio de música, falta una verificación de permiso. Esto podría provocar una denegación de servicio local en el servicio de contactos sin necesidad de privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-44436
https://notcve.org/view.php?id=CVE-2022-44436
04 Jan 2023 — In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed. En el servicio de mensajería, falta una verificación de permisos. Esto podría provocar una denegación de servicio local en el servicio de contactos sin necesidad de privilegios de ejecución adicionales. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2022-44444
https://notcve.org/view.php?id=CVE-2022-44444
04 Jan 2023 — In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. En el controlador WLAN, existe una posible verificación de los límites faltantes. Esto podría provocar una denegación local de servicio en los servicios WLAN. • https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001 • CWE-191: Integer Underflow (Wrap or Wraparound) •