CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20323
https://notcve.org/view.php?id=CVE-2022-20323
11 Aug 2022 — In PackageManager, there is a possible package installation disclosure due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176203 En PackageManager, se presenta una posible divulgación de la instalación de paquetes debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgación de información local con los privilegi... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20322
https://notcve.org/view.php?id=CVE-2022-20322
11 Aug 2022 — In PackageManager, there is a possible installed package disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176993 En PackageManager, se presenta una posible divulgación de paquetes instalados debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgación de información local sin ser necesarios... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20321
https://notcve.org/view.php?id=CVE-2022-20321
11 Aug 2022 — In Settings, there is a possible way for an application without permissions to read content of WiFi QR codes due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187176859 En Settings, es posible que una aplicación sin permisos pueda leer el contenido de los códigos QR de WiFi debido a una falta de comprobación de permisos. Esto podría co... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20320
https://notcve.org/view.php?id=CVE-2022-20320
11 Aug 2022 — In ActivityManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187956596 En ActivityManager, se presenta una posible forma de determinar si una aplicación está instalada, sin permisos de consulta, debido a una divulgación de... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20319
https://notcve.org/view.php?id=CVE-2022-20319
11 Aug 2022 — In DreamServices, there is a possible way to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-189574230 En DreamServices, se presenta una posible forma de lanzar actividades protegidas arbitrarias debido a un adjunto confuso. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejec... • https://source.android.com/security/bulletin/android-13 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20318
https://notcve.org/view.php?id=CVE-2022-20318
11 Aug 2022 — In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194694069 En PackageInstaller, se presenta una posible forma de determinar si una aplicación está instalada, sin permisos de consulta, debido a una divulgación ... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20317
https://notcve.org/view.php?id=CVE-2022-20317
11 Aug 2022 — In SystemUI, there is a possible way to unexpectedly enable the external speaker due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-190199063 En SystemUI, es posible habilitar inesperadamente el altavoz externo debido a un error lógico en el código. Esto podría conllevar a una divulgación de información local sin ser necesarios privilegi... • https://source.android.com/security/bulletin/android-13 •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20316
https://notcve.org/view.php?id=CVE-2022-20316
11 Aug 2022 — In ContentResolver, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-190726121 En ContentResolver, se presenta una posible forma de determinar si una aplicación está instalada, sin permisos de consulta, debido a una divulgación de... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20315
https://notcve.org/view.php?id=CVE-2022-20315
11 Aug 2022 — In ActivityManager, there is a possible disclosure of installed packages due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-191058227 En ActivityManager, se presenta una posible divulgación de los paquetes instalados debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgación de información local sin ser ... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20314
https://notcve.org/view.php?id=CVE-2022-20314
11 Aug 2022 — In KeyChain, there is a possible spoof keychain chooser activity request due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-191876118 En KeyChain, existe la posibilidad de falsificar la petición de actividad del selector de llaveros debido a una comprobación de entrada inapropiada. Esto podría conllevar a una escalada local de privilegios ... • https://source.android.com/security/bulletin/android-13 • CWE-20: Improper Input Validation •