CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20313
https://notcve.org/view.php?id=CVE-2022-20313
11 Aug 2022 — In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192206329 En Bluetooth, se presenta una posible escritura fuera de límites debido a una comprobación de límites que falta. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System necesarios. No es ... • https://source.android.com/security/bulletin/android-13 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20312
https://notcve.org/view.php?id=CVE-2022-20312
11 Aug 2022 — In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to missing permission check. This could lead to local information disclosure without additional execution privileges needed. User interaction is not needed forexploitationProduct: AndroidVersions: Android-13Android ID: A-192244925 En WifiP2pManager, es posible obtener la dirección MAC de WiFi P2P sin el consentimiento del usuario debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgació... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20311
https://notcve.org/view.php?id=CVE-2022-20311
11 Aug 2022 — In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192663553 En Telecomm, se presenta una posible divulgación de las cuentas telefónicas autogestionadas registradas debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgación de i... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20310
https://notcve.org/view.php?id=CVE-2022-20310
11 Aug 2022 — In Telecomm, there is a possible disclosure of registered self managed phone accounts due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192663798 En Telecomm, se presenta una posible divulgación de cuentas telefónicas autogestionadas registradas debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgación de infor... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20309
https://notcve.org/view.php?id=CVE-2022-20309
11 Aug 2022 — In PackageInstaller, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194694094 En PackageInstaller, se presenta una posible forma de determinar si una aplicación está instalada, sin permisos de consulta, debido a una divulgación ... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20308
https://notcve.org/view.php?id=CVE-2022-20308
11 Aug 2022 — In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-197874458 En hostapd, se presenta una posible configuración insegura debido a un valor por defecto inseguro. Esto podría conllevar a una denegación de servicio remota del punto de acceso wifi sin ser necesarios pr... • https://source.android.com/security/bulletin/android-13 •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20307
https://notcve.org/view.php?id=CVE-2022-20307
11 Aug 2022 — In AlarmManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-198782887 En AlarmManagerService, se presenta una posible forma de determinar si una app está instalada, sin permisos de consulta, debido a una divulgación d... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20306
https://notcve.org/view.php?id=CVE-2022-20306
11 Aug 2022 — In Camera Provider HAL, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199680794 En Camera Provider HAL, se presenta una posible corrupción de memoria debido a un uso después de la liberación. Esto podría conllevar a una escalada local de privilegios con los privilegios de ejecución System necesarios. No es... • https://source.android.com/security/bulletin/android-13 • CWE-416: Use After Free •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20305
https://notcve.org/view.php?id=CVE-2022-20305
11 Aug 2022 — In ContentService, there is a possible disclosure of available account types due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199751623 En ContentService, se presenta una posible divulgación de los tipos de cuenta disponibles debido a una falta de comprobación de permisos. Esto podría conllevar a una divulgación de información local con lo... • https://source.android.com/security/bulletin/android-13 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20304
https://notcve.org/view.php?id=CVE-2022-20304
11 Aug 2022 — In Content, there is a possible way to determinate the user's account due to side channel information disclosure. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199751919 En Content, se presenta una posible forma de determinar la cuenta del usuario debido a una divulgación de información por canal lateral. Esto podría conllevar a la divulgación de información local con lo... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •