CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20252
https://notcve.org/view.php?id=CVE-2022-20252
11 Aug 2022 — In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224547584 En PackageManager, se presenta una posible forma de determinar si una aplicación está instalada, sin permisos de consulta, debido a la divulgación de in... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20251
https://notcve.org/view.php?id=CVE-2022-20251
11 Aug 2022 — In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-225881167 En LocaleManager, se presenta una posible forma de determinar si una aplicación está instalada, sin permisos de consulta, debido a la divulgación de info... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20250
https://notcve.org/view.php?id=CVE-2022-20250
11 Aug 2022 — In Messaging, there is a possible way to attach files to a message without proper access checks due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-226134095 En Messaging, es posible adjuntar archivos a un mensaje sin que sea comprobado el acceso de forma apropiada debido a una comprobación de entrada inapropiada. Esto podría conllevar a... • https://source.android.com/security/bulletin/android-13 •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20249
https://notcve.org/view.php?id=CVE-2022-20249
11 Aug 2022 — In LocaleManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-226900861 En LocaleManager, se presenta una posible forma de determinar si una aplicación está instalada, sin permisos de consulta, debido a una divulgación de inf... • https://source.android.com/security/bulletin/android-13 • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20248
https://notcve.org/view.php?id=CVE-2022-20248
11 Aug 2022 — In Settings, there is a possible way to connect to an open network bypassing DISALLOW_CONFIG_WIFI restriction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-227619193 En Settings, se presenta una posible forma de conectarse a una red abierta al omitir la restricción DISALLOW_CONFIG_WIFI debido a un error lógico en el código. Est... • https://source.android.com/security/bulletin/android-13 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20247
https://notcve.org/view.php?id=CVE-2022-20247
11 Aug 2022 — In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229858836 En Media, se presenta una posible lectura fuera de límites debido a un desbordamiento del búfer de la pila. Esto podría conllevar a una divulgación remota de información sin ser necesarios privilegios de ejecución adicionales. ... • https://source.android.com/security/bulletin/android-13 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20246
https://notcve.org/view.php?id=CVE-2022-20246
11 Aug 2022 — In WindowManager, there is a possible bypass of the restrictions for starting activities from the background due to an incorrect UID/permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230493191 En WindowManager, es posible omitir las restricciones para iniciar actividades desde el fondo debido a una comprobación incorrecta de UID/permisos. Esto pod... • https://source.android.com/security/bulletin/android-13 • CWE-276: Incorrect Default Permissions •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20245
https://notcve.org/view.php?id=CVE-2022-20245
11 Aug 2022 — In WindowManager, there is a possible method to create a recording of the lock screen due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-215005011 En WindowManager, se presenta un posible método para crear una grabación de la pantalla de bloqueo debido a un valor predeterminado no seguro. Esto podría conllevar a una divulgación de inform... • https://source.android.com/security/bulletin/android-13 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20244
https://notcve.org/view.php?id=CVE-2022-20244
11 Aug 2022 — In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201083240 En Bluetooth, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada local de privilegi... • https://source.android.com/security/bulletin/android-13 • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20243
https://notcve.org/view.php?id=CVE-2022-20243
11 Aug 2022 — In Core Utilities, there is a possible log information disclosure. This could lead to local information disclosure of sensitive browsing data with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-190199986 En Core Utilities, se presenta una posible divulgación de información de registro. Esto podría conllevar a una divulgación de información local de datos de navegación confidenciales con los privilegios de ejecución System... • https://source.android.com/security/bulletin/android-13 • CWE-319: Cleartext Transmission of Sensitive Information •