Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android 10.0 vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2022-20344
In stealReceiveChannel of EventThread.cpp, there is a possible way to interfere with process communication due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pro...
Google Android 10.0
Google Android 11.0
Google Android 12.0
Google Android 12.1
6.5
CVSSv3
CVE-2022-20346
In updateAudioTrackInfoFromESDS_MPEG4Audio of MPEG4Extractor.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation....
Google Android 10.0
Google Android 11.0
Google Android 12.0
Google Android 12.1
8.8
CVSSv3
CVE-2022-20347
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploit...
Google Android 10.0
Google Android 11.0
Google Android 12.0
Google Android 12.1
7.8
CVSSv3
CVE-2022-20348
In updateState of LocationServicesWifiScanningPreferenceController.java, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...
Google Android 10.0
Google Android 11.0
Google Android 12.0
Google Android 12.1
7.8
CVSSv3
CVE-2022-20349
In WifiScanningPreferenceController and BluetoothScanningPreferenceController, there is a possible admin restriction bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ...
Google Android 10.0
Google Android 11.0
Google Android 12.0
Google Android 12.1
5.5
CVSSv3
CVE-2022-20350
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to trick the victim to grant notification access to the wrong app due to improper input validation. This could lead to local information disclosure with User execution privileges needed. User inte...
Google Android 10.0
Google Android 11.0
Google Android 12.0
Google Android 12.1
5.5
CVSSv3
CVE-2022-20351
In queryInternal of CallLogProvider.java, there is a possible access to voicemail information due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVers...
Google Android 10.0
Google Android 11.0
Google Android 12.0
Google Android 12.1
5.5
CVSSv3
CVE-2022-20353
In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Produ...
Google Android 10.0
Google Android 11.0
Google Android 12.0
Google Android 12.1
7.8
CVSSv3
CVE-2019-2193
In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Admin app installed with no indication to the user, with User execution privileges n...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
7.8
CVSSv3
CVE-2019-2195
In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Google Android 8.0
Google Android 8.1
Google Android 9.0
Google Android 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »