Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android api vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0927
Use after free in Web Payments API in Google Chrome on Android before 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
NA
CVE-2023-0130
Inappropriate implementation in in Fullscreen API in Google Chrome on Android before 109.0.5414.74 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2023-0136
Inappropriate implementation in in Fullscreen API in Google Chrome on Android before 109.0.5414.74 allowed a remote malicious user to execute incorrect security UI via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2022-20442
In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is ne...
Google Android 10.0
Google Android 11.0
Google Android 12.0
NA
CVE-2022-39883
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local malicious user to call privileged API.
Google Android 10.0
Google Android 11.0
Google Android 12.0
NA
CVE-2022-42720
Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 up to and including 5.19.x prior to 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
Linux Linux Kernel
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
NA
CVE-2022-42721
A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 up to and including 5.19.x prior to 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
Linux Linux Kernel
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2022-42722
In the Linux kernel 5.8 up to and including 5.19.x prior to 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.
Linux Linux Kernel
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
NA
CVE-2022-41674
An issue exists in the Linux kernel prior to 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.
Linux Linux Kernel
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
NA
CVE-2022-42719
A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 up to and including 5.19.x prior to 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.
Linux Linux Kernel
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »