CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20204
https://notcve.org/view.php?id=CVE-2022-20204
15 Jun 2022 — In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-171495100 En la función registerRemoteBugreportReceivers del archivo DevicePolicyManagerService.java, se presenta la posibilidad de que sean informados in... • https://source.android.com/security/bulletin/pixel/2022-06-01 • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20202
https://notcve.org/view.php?id=CVE-2022-20202
15 Jun 2022 — In ih264_resi_trans_quant_4x4_sse42 of ih264_resi_trans_quant_sse42.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-204704614 En la función ih264_resi_trans_quant_4x4_sse42 del archivo ih264_resi_trans_quant_sse42.c, se presenta una posible lectura fuera de límites debido a un desbordamiento de... • https://source.android.com/security/bulletin/pixel/2022-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20201
https://notcve.org/view.php?id=CVE-2022-20201
15 Jun 2022 — In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220733817 En la función getAppSize del archivo InstalldNativeService.cpp, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una escalada lo... • https://source.android.com/security/bulletin/pixel/2022-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20200
https://notcve.org/view.php?id=CVE-2022-20200
15 Jun 2022 — In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212695058 En la función updateApState del archivo SoftApManager.java, se presenta un posible filtrado del estado del punto de acceso debido a una falta de comprobación de permisos. Esto podría conllev... • https://source.android.com/security/bulletin/pixel/2022-06-01 • CWE-862: Missing Authorization •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20198
https://notcve.org/view.php?id=CVE-2022-20198
15 Jun 2022 — In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC stack with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-221851879 En la función llcp_dlc_proc_connect_pdu del archivo llcp_dlc.cc, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. Esto podría conllev... • https://source.android.com/security/bulletin/pixel/2022-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20197
https://notcve.org/view.php?id=CVE-2022-20197
15 Jun 2022 — In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-208279300 En la función recycle del archivo Parcel.java, se presenta una posible forma de iniciar la actividad en primer plano desde el fondo debido a una omisión de permisos. Esto podría con... • https://source.android.com/security/bulletin/pixel/2022-06-01 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20196
https://notcve.org/view.php?id=CVE-2022-20196
15 Jun 2022 — In gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201535148 En gallery3d and photos, se presenta una posible omisión de permisos debido a un problema de tipo confused deputy. Esto podría conllevar a una divulgación de información local sin ser necesarios privilegios de ejecución ad... • https://source.android.com/security/bulletin/pixel/2022-06-01 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20195
https://notcve.org/view.php?id=CVE-2022-20195
15 Jun 2022 — In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-213172664 En keystore library, se presenta una posible prevención de acceso a los Ajustes del sistema debido a una deserialización no segura. Esto podría conllevar a una denegación de servicio local con los privilegios ... • https://source.android.com/security/bulletin/pixel/2022-06-01 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20194
https://notcve.org/view.php?id=CVE-2022-20194
15 Jun 2022 — In onCreate of ChooseLockGeneric.java, there is a possible permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-222684510 En la función onCreate del archivo ChooseLockGeneric.java, se presenta una posible omisión de permisos. Esto podría conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecución adicionales. No es req... • https://source.android.com/security/bulletin/pixel/2022-06-01 •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-20193
https://notcve.org/view.php?id=CVE-2022-20193
15 Jun 2022 — In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212434116 En la función getUniqueUsagesWithLabels del archivo PermissionUsageHelper.java, se presenta una posible atribución incorrecta de permisos debido a un err... • https://source.android.com/security/bulletin/pixel/2022-06-01 •