Google Google Software and search

Do you want an email whenever new security vulnerabilities are reported in any Google product?

Products by Google Sorted by Most Security Vulnerabilities since 2018

Google Android2442 vulnerabilities
Mobile operating system

Google Chrome1324 vulnerabilities
Web browser

Google Tensorflow323 vulnerabilities
Open source machine learning / AI library

Google Chrome Os23 vulnerabilities

Google Asylo14 vulnerabilities

Google Fuchsia4 vulnerabilities

Google Fscrypt4 vulnerabilities

Google Gvisor3 vulnerabilities

Google Monorail3 vulnerabilities

Google Gerrit3 vulnerabilities

Google Protobuf2 vulnerabilities

Google Earth2 vulnerabilities

Google Kubernetes Engine2 vulnerabilities

Google Guava2 vulnerabilities

Google Kctf1 vulnerability

Google Openthread1 vulnerability

Google Perfetto1 vulnerability

Google Protobuf Kotlin1 vulnerability

Google Protobuf Java1 vulnerability

Google Go Attestation1 vulnerability

Google Santa1 vulnerability

Google Skia1 vulnerability

Google Slashify1 vulnerability

Google Slo Generator1 vulnerability

Google Snappy1 vulnerability

Google Tink1 vulnerability

Google Titan Security Key1 vulnerability

Google Toolbar1 vulnerability

Google Voice Builder1 vulnerability

Google Android Api1 vulnerability

Google Angle1 vulnerability

Google Api C Client1 vulnerability

Google Bazel1 vulnerability

Google Bindiff1 vulnerability

Google BoringSSL1 vulnerability
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Google Brotli1 vulnerability

Google Cardboard1 vulnerability

Google Chrome Launcher1 vulnerability

Google Closure Library1 vulnerability

Google Gson1 vulnerability

Google Firebase Php Jwt1 vulnerability

Google Firebaseutil1 vulnerability

Google Protobuf1 vulnerability

Recent Google Security Advisories

Advisory Title Published
Android Security Bulletin—June 2022 | Android Open Source Project June 15, 2022
Pixel Update Bulletin—June 2022 | Android Open Source Project June 15, 2022
Android Automotive OS Update Bulletin—May 2022 | Android Open Source Project May 10, 2022
Pixel Update Bulletin—May 2022 | Android Open Source Project May 10, 2022
Pixel Update Bulletin—April 2022 | Android Open Source Project April 12, 2022
Android Security Bulletin—April 2022 | Android Open Source Project April 12, 2022
Chrome Releases: Stable Channel Update for Desktop April 5, 2022
Chrome Releases: Stable Channel Update for Desktop April 5, 2022
Chrome Releases: Stable Channel Update for Desktop April 5, 2022
Android 12L Security Release Notes | Android Open Source Project March 30, 2022

@google Tweets

RT @GoogleSmallBiz: For small business owner Casey Dworkin of @SylvenNewYork, having an extra hand is essential to her work. See how the #P…
Tue Jun 28 18:59:29 +0000 2022

By the Year

In 2022 there have been 557 vulnerabilities in Google with an average score of 7.0 out of ten. Last year Google had 1123 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Google in 2022 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2022 is greater by 0.02.

Year Vulnerabilities Average Score
2022 557 7.04
2021 1123 7.02
2020 982 7.10
2019 808 7.11
2018 419 7.41

It may take a day or so for new Google vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Google Security Vulnerabilities

In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files

CVE-2022-20203 7.8 - High - June 15, 2022

In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege,with no additional execution privileges needed. User interaction is not needed for exploitation.

Product: AndroidVersions: Android kernelAndroid ID: A-209421931References: N/A

CVE-2022-20170 9.8 - Critical - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-209421931References: N/A

In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free

CVE-2021-39806 7.8 - High - June 15, 2022

In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215387420

Double-free

In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java

CVE-2022-20138 7.8 - High - June 15, 2022

In ACTION_MANAGED_PROFILE_PROVISIONED of DevicePolicyManagerService.java, there is a possible way for unprivileged app to send MANAGED_PROFILE_PROVISIONED intent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-210469972

In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check

CVE-2022-20140 9.8 - Critical - June 15, 2022

In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-227618988

Memory Corruption

In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch

CVE-2022-20142 7.8 - High - June 15, 2022

In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-216631962

In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion

CVE-2022-20143 5.5 - Medium - June 15, 2022

In addAutomaticZenRule of ZenModeHelper.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220735360

Resource Exhaustion

In multiple functions of AvatarPhotoController.java

CVE-2022-20144 7.8 - High - June 15, 2022

In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-187702830

In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack

CVE-2022-20145 9.8 - Critical - June 15, 2022

In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-201660636

In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking

CVE-2022-20153 6.7 - Medium - June 15, 2022

In rcu_cblist_dequeue of rcu_segcblist.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222091980References: Upstream kernel

Dangling pointer

In lock_sock_nested of sock.c, there is a possible use after free due to a race condition

CVE-2022-20154 6.4 - Medium - June 15, 2022

In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel

Race Condition

In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition

CVE-2022-20155 7 - High - June 15, 2022

In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176754369References: N/A

Race Condition

In unflatten of GraphicBuffer.cpp, there is a possible arbitrary code execution due to improper input validation

CVE-2022-20156 7.8 - High - June 15, 2022

In unflatten of GraphicBuffer.cpp, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-212803946References: N/A

Improper Input Validation

In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check

CVE-2022-20162 4.4 - Medium - June 15, 2022

In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223492713References: N/A

Out-of-bounds Read

In asn1_parse of asn1.c, there is a possible out of bounds read due to an incorrect bounds check

CVE-2022-20165 4.4 - Medium - June 15, 2022

In asn1_parse of asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220868345References: N/A

Out-of-bounds Read

In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow

CVE-2022-20166 6.7 - Medium - June 15, 2022

In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel

Memory Corruption

Product: AndroidVersions: Android kernelAndroid ID: A-215565667References: N/A

CVE-2022-20171 9.8 - Critical - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-215565667References: N/A

In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check

CVE-2022-20172 5.5 - Medium - June 15, 2022

In onbind of ShannonRcsService.java, there is a possible access to protect data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206987222References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-207116951References: N/A

CVE-2022-20173 9.8 - Critical - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-207116951References: N/A

In exynos_secEnv_init of mach-gs101.c, there is a possible out of bounds read due to an incorrect bounds check

CVE-2022-20174 4.4 - Medium - June 15, 2022

In exynos_secEnv_init of mach-gs101.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210847407References: N/A

Out-of-bounds Read

Product: AndroidVersions: Android kernelAndroid ID: A-209252491References: N/A

CVE-2022-20175 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-209252491References: N/A

In auth_store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check

CVE-2022-20176 4.4 - Medium - June 15, 2022

In auth_store of sjtag-driver.c, there is a possible read of uninitialized memory due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-197787879References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-209906686References: N/A

CVE-2022-20177 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-209906686References: N/A

In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow

CVE-2022-20178 6.7 - Medium - June 15, 2022

In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-224932775References: N/A

Memory Corruption

Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A

CVE-2022-20179 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-211683760References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-210936609References: N/A

CVE-2022-20181 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-210936609References: N/A

In handle_ramdump of pixel_loader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check

CVE-2022-20182 4.4 - Medium - June 15, 2022

In handle_ramdump of pixel_loader.c, there is a possible way to create a ramdump of non-secure memory due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222348453References: N/A

In hypx_create_blob_dmabuf of faceauth_hypx.c, there is a possible out of bounds write due to a missing bounds check

CVE-2022-20183 6.7 - Medium - June 15, 2022

In hypx_create_blob_dmabuf of faceauth_hypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188911154References: N/A

Memory Corruption

Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A

CVE-2022-20184 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-209153114References: N/A

In TBD of TBD, there is a possible use after free bug

CVE-2022-20185 6.7 - Medium - June 15, 2022

In TBD of TBD, there is a possible use after free bug. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208842348References: N/A

Dangling pointer

In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due to improper input validation

CVE-2022-20186 7.8 - High - June 15, 2022

In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-215001024References: N/A

Improper Input Validation

Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A

CVE-2022-20188 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-207254598References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A

CVE-2022-20190 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A

CVE-2022-20191 9.8 - Critical - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A

In grantEmbeddedWindowFocus of WindowManagerService.java

CVE-2022-20192 7.8 - High - June 15, 2022

In grantEmbeddedWindowFocus of WindowManagerService.java, there is a possible way to change an input channel for embedded hierarchy due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215912712

In getUniqueUsagesWithLabels of PermissionUsageHelper.java

CVE-2022-20193 7.3 - High - June 15, 2022

In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212434116

In onCreate of ChooseLockGeneric.java, there is a possible permission bypass

CVE-2022-20194 7.8 - High - June 15, 2022

In onCreate of ChooseLockGeneric.java, there is a possible permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-222684510

In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization

CVE-2022-20195 5 - Medium - June 15, 2022

In the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-213172664

Marshaling, Unmarshaling

In gallery3d and photos, there is a possible permission bypass due to a confused deputy

CVE-2022-20196 5 - Medium - June 15, 2022

In gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201535148

In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass

CVE-2022-20197 7.8 - High - June 15, 2022

In recycle of Parcel.java, there is a possible way to start foreground activity from background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-208279300

In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2022-20198 4.4 - Medium - June 15, 2022

In llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC stack with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-221851879

Out-of-bounds Read

In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check

CVE-2022-20200 5.5 - Medium - June 15, 2022

In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212695058

In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2022-20201 6.7 - Medium - June 15, 2022

In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220733817

Memory Corruption

In ih264_resi_trans_quant_4x4_sse42 of ih264_resi_trans_quant_sse42.c, there is a possible out of bounds read due to a heap buffer overflow

CVE-2022-20202 6.5 - Medium - June 15, 2022

In ih264_resi_trans_quant_4x4_sse42 of ih264_resi_trans_quant_sse42.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-204704614

Memory Corruption

In registerRemoteBugreportReceivers of DevicePolicyManagerService.java

CVE-2022-20204 7.8 - High - June 15, 2022

In registerRemoteBugreportReceivers of DevicePolicyManagerService.java, there is a possible reporting of falsified bug reports due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-171495100

In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation

CVE-2022-20205 5.5 - Medium - June 15, 2022

In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215212561

Improper Input Validation

In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check

CVE-2022-20206 5.5 - Medium - June 15, 2022

In setPackageOrComponentEnabled of NotificationManagerService.java, there is a missing permission check. This could lead to local information disclosure about enabled notification listeners with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-220737634

In static definitions of GattServiceConfig.java, there is a possible permission bypass due to an insecure default value

CVE-2022-20207 7.8 - High - June 15, 2022

In static definitions of GattServiceConfig.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185513714

In parseRecursively of cppbor_parse.cpp, there is a possible out of bounds read due to an incorrect bounds check

CVE-2022-20208 4.4 - Medium - June 15, 2022

In parseRecursively of cppbor_parse.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-192743373

Out-of-bounds Read

In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow

CVE-2022-20209 7.5 - High - June 15, 2022

In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-207502397

Memory Corruption

The UE and the EMM communicate with each other using NAS messages

CVE-2022-20210 9.8 - Critical - June 15, 2022

The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS or RCE.Product: AndroidVersions: Android SoCAndroid ID: A-228868888

In param_find_digests_internal and related functions of the Titan-M source

CVE-2022-20233 6.7 - Medium - June 15, 2022

In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222472803References: N/A

Memory Corruption

In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking

CVE-2022-20141 7.8 - High - June 15, 2022

In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel

Improper Locking

In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy

CVE-2022-20146 5.5 - Medium - June 15, 2022

In uploadFile of FileUploadServiceImpl.java, there is a possible incorrect file access due to a confused deputy. This could lead to local information disclosure of private files with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-211757677References: N/A

In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2022-20147 7.8 - High - June 15, 2022

In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221216105

Memory Corruption

In TBD of TBD, there is a possible use-after-free due to a race condition

CVE-2022-20148 6.4 - Medium - June 15, 2022

In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219513976References: Upstream kernel

Race Condition

Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A

CVE-2022-20149 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A

CVE-2022-20151 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A

In the TitanM chip, there is a possible out of bounds write due to a missing bounds check

CVE-2022-20152 6.7 - Medium - June 15, 2022

In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-202006198References: N/A

Memory Corruption

In asn1_ec_pkey_parse of acropora/crypto/asn1_common.c, there is a possible out of bounds read due to an incorrect bounds check

CVE-2022-20159 4.4 - Medium - June 15, 2022

In asn1_ec_pkey_parse of acropora/crypto/asn1_common.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210971465References: N/A

Out-of-bounds Read

Product: AndroidVersions: Android kernelAndroid ID: A-210083655References: N/A

CVE-2022-20160 9.8 - Critical - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-210083655References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-204891956References: N/A

CVE-2022-20164 9.8 - Critical - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-204891956References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A

CVE-2022-20169 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A

CVE-2022-20168 7.5 - High - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-204956204References: N/A

CVE-2022-20167 9.8 - Critical - June 15, 2022

Product: AndroidVersions: Android kernelAndroid ID: A-204956204References: N/A

In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input

CVE-2021-39691 7.3 - High - June 15, 2022

In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-157929241

Clickjacking

In setScanMode of AdapterService.java

CVE-2022-20126 7.3 - High - June 15, 2022

In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-203431023

authentification

In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2022-20131 7.5 - High - June 15, 2022

In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221856662

Memory Corruption

In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check

CVE-2022-20133 7.8 - High - June 15, 2022

In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-206807679

In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch

CVE-2022-20135 7.8 - High - June 15, 2022

In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220303465

In onCreateContextMenu of NetworkProviderSettings.java

CVE-2022-20137 7.3 - High - June 15, 2022

In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-206986392

Incorrect Default Permissions

In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user

CVE-2022-20129 5.5 - Medium - June 15, 2022

In registerPhoneAccount of PhoneAccountRegistrar.java, there is a possible way to prevent the user from selecting a phone account due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-217934478

Improper Input Validation

In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow

CVE-2022-20130 9.8 - Critical - June 15, 2022

In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224314979

Memory Corruption

In lg_probe and related functions of hid-lg.c and other USB HID files

CVE-2022-20132 4.6 - Medium - June 15, 2022

In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel

Out-of-bounds Read

In readArguments of CallSubjectDialog.java

CVE-2022-20134 7.8 - High - June 15, 2022

In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-218341397

Improper Input Validation

In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2022-20123 7.5 - High - June 15, 2022

In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221852424

Out-of-bounds Read

In deletePackageX of DeletePackageHelper.java

CVE-2022-20124 7.8 - High - June 15, 2022

In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-170646036

In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape

CVE-2022-20125 6.8 - Medium - June 15, 2022

In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-194402515

In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free

CVE-2022-20127 9.8 - Critical - June 15, 2022

In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221862119

Memory Corruption

kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions

CVE-2022-31055 7.5 - High - June 13, 2022

kCTF is a Kubernetes-based infrastructure for capture the flag (CTF) competitions. Prior to version 1.6.0, the kctf cluster set-src-ip-ranges was broken and allowed traffic from any IP. The problem has been patched in v1.6.0. As a workaround, those who want to test challenges privately can mark them as `public: false` and use `kctf chal debug port-forward` to connect.

AuthZ

Improper handling of insufficient permissions vulnerability in addAppPackageNameTo

CVE-2022-30727 5.5 - Medium - June 07, 2022

Improper handling of insufficient permissions vulnerability in addAppPackageNameToAllowList in PersonaManagerService prior to SMR Jun-2022 Release 1 allows local attackers to set some setting value in work space.

Improper Handling of Exceptional Conditions

Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1

CVE-2022-30728 3.3 - Low - June 07, 2022

Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

Exposure of Resource to Wrong Sphere

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

CVE-2022-30725 4.3 - Medium - June 07, 2022

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionError function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

Improper Handling of Exceptional Conditions

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

CVE-2022-30723 4.3 - Medium - June 07, 2022

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

Improper Handling of Exceptional Conditions

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionCompleted function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

CVE-2022-30724 4.3 - Medium - June 07, 2022

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionCompleted function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

Improper Handling of Exceptional Conditions

Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1

CVE-2022-30721 5.3 - Medium - June 07, 2022

Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.

Improper Input Validation

Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1

CVE-2022-30720 5.3 - Medium - June 07, 2022

Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.

Improper Input Validation

Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1

CVE-2022-30719 5.3 - Medium - June 07, 2022

Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.

Improper Input Validation

Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1

CVE-2022-30717 7.5 - High - June 07, 2022

Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink.

AuthZ

Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1

CVE-2022-30716 5.3 - Medium - June 07, 2022

Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 allows untrusted applications to access toast message information from device.

Improper Handling of Exceptional Conditions

Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1

CVE-2022-30715 5.3 - Medium - June 07, 2022

Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.

AuthZ

Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1

CVE-2022-30714 3.3 - Low - June 07, 2022

Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

Exposure of Resource to Wrong Sphere

Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1

CVE-2022-30713 9.1 - Critical - June 07, 2022

Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.

Improper Input Validation

Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1

CVE-2022-30711 9.1 - Critical - June 07, 2022

Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.

Improper Input Validation

Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SMR Jun-2022 Release 1

CVE-2022-30726 7.8 - High - June 07, 2022

Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SMR Jun-2022 Release 1 allows local attackers to launch activities of SecSettingsIntelligence.

Implicit Intent hijacking vulnerability in Settings prior to SMR Jun-2022 Release 1

CVE-2022-30729 4.6 - Medium - June 07, 2022

Implicit Intent hijacking vulnerability in Settings prior to SMR Jun-2022 Release 1 allows attackers to get Wi-Fi SSID and password via a malicious QR code scanner.

Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1

CVE-2022-30722 9.8 - Critical - June 07, 2022

Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account.

Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1

CVE-2022-30709 5.3 - Medium - June 07, 2022

Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.

Improper Input Validation

Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1

CVE-2022-30712 9.1 - Critical - June 07, 2022

Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.

Improper Input Validation

Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1

CVE-2022-30710 9.1 - Critical - June 07, 2022

Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.

Improper Input Validation

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.