CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20333
https://notcve.org/view.php?id=CVE-2022-20333
11 Aug 2022 — In Bluetooth, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-179161657 En Bluetooth, se presenta un posible fallo debido a una falta de comprobación nula. Esto podría conllevar a una denegación de servicio remota sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario ... • https://source.android.com/security/bulletin/android-13 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20332
https://notcve.org/view.php?id=CVE-2022-20332
11 Aug 2022 — In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-180019130 En PackageManager, se presenta una posible forma de determinar si una aplicación está instalada, sin permisos de consulta, debido a una divulgación de i... • https://source.android.com/security/bulletin/android-13 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20331
https://notcve.org/view.php?id=CVE-2022-20331
11 Aug 2022 — In the Framework, there is a possible way to enable a work profile without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-181785557 En el Framework, se presenta una posible forma de habilitar un perfil de trabajo sin el consentimiento del usuario debido a un ataque de tapjacking/superposición. Esto podría conllevar a ... • https://source.android.com/security/bulletin/android-13 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20330
https://notcve.org/view.php?id=CVE-2022-20330
11 Aug 2022 — In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user awareness due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-181962588 En Bluetooth, es posible conectar o desconectar dispositivos bluetooth sin que el usuario sea consciente de ello debido a una falta de comprobación de permisos. Esto podría conl... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20329
https://notcve.org/view.php?id=CVE-2022-20329
11 Aug 2022 — In Wifi, there is a possible way to enable Wifi without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-183410556 En Wifi, se presenta una posible forma de habilitar Wifi sin permisos debido a una falta de comprobación de permisos. Esto podría conllevar a una escalada local de privilegios sin ser necesarios privilegi... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20328
https://notcve.org/view.php?id=CVE-2022-20328
11 Aug 2022 — In PackageManager, there is a possible way to determine whether an app is installed due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-184948501 En PackageManager, se presenta una posible forma de determinar si una aplicación está instalada debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgación de in... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 2.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20327
https://notcve.org/view.php?id=CVE-2022-20327
11 Aug 2022 — In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185126813 En Wi-Fi, se presenta una posible forma de recuperar el SSID de WiFi sin permisos de localización debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgación de informac... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20326
https://notcve.org/view.php?id=CVE-2022-20326
11 Aug 2022 — In Telephony, there is a possible disclosure of SIM identifiers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185235527 En Telephony, se presenta una posible divulgación de los identificadores de la tarjeta SIM debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgación de información local con los privilegio... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20325
https://notcve.org/view.php?id=CVE-2022-20325
11 Aug 2022 — In Media, there is a possible code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-186473060 En Media, se presenta una posible ejecución de código debido a un uso después de libre. Esto podría conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción de... • https://source.android.com/security/bulletin/android-13 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20324
https://notcve.org/view.php?id=CVE-2022-20324
11 Aug 2022 — In Framework, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187042120 En Framework, se presenta una posible forma de determinar si una app está instalada, sin permisos de consulta, debido a una divulgación de información por ca... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •