CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Android » 11.0 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-28788 125 DoS 2022-05-03 2022-05-11
2.1
None Local Low Not required None None Partial
Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.
2 CVE-2022-28787 125 DoS 2022-05-03 2022-05-11
2.1
None Local Low Not required None None Partial
Improper buffer size check logic in wmfextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.
3 CVE-2022-28786 125 DoS 2022-05-03 2022-05-11
2.1
None Local Low Not required None None Partial
Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.
4 CVE-2022-28785 125 DoS 2022-05-03 2022-05-11
2.1
None Local Low Not required None None Partial
Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.
5 CVE-2022-28784 22 Dir. Trav. 2022-05-03 2022-05-11
2.1
None Local Low Not required Partial None None
Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic.
6 CVE-2022-28783 20 2022-05-03 2022-05-11
3.6
None Local Low Not required None Partial Partial
Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission. The patch adds proper validation logic for removing package name.
7 CVE-2022-28782 863 2022-05-03 2022-05-11
2.1
None Local Low Not required None Partial None
Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability.
8 CVE-2022-28781 20 2022-05-03 2022-05-11
7.2
None Local Low Not required Complete Complete Complete
Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. The patch adds proper validation logic to check the caller.
9 CVE-2022-28780 2022-05-03 2022-05-11
2.1
None Local Low Not required Partial None None
Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attackers can access location information that set in Weather without permission. The patch adds proper protection to prevent access to location information.
10 CVE-2022-27832 125 DoS 2022-04-11 2022-04-18
2.1
None Local Low Not required None None Partial
Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.
11 CVE-2022-27831 125 2022-04-11 2022-04-18
3.6
None Local Low Not required Partial None Partial
Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allows attackers to read out of bounds memory.
12 CVE-2022-27830 20 2022-04-11 2022-04-18
7.2
None Local Low Not required Complete Complete Complete
Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
13 CVE-2022-27829 20 2022-04-11 2022-04-18
7.2
None Local Low Not required Complete Complete Complete
Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
14 CVE-2022-27828 20 2022-04-11 2022-04-18
7.2
None Local Low Not required Complete Complete Complete
Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
15 CVE-2022-27827 20 2022-04-11 2022-04-18
7.2
None Local Low Not required Complete Complete Complete
Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
16 CVE-2022-27826 20 2022-04-11 2022-04-18
7.2
None Local Low Not required Complete Complete Complete
Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities.
17 CVE-2022-27825 125 2022-04-11 2022-04-18
5.8
None Remote Medium Not required Partial None Partial
Improper size check in sapefd_parse_meta_HEADER function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.
18 CVE-2022-27824 125 2022-04-11 2022-04-18
5.8
None Remote Medium Not required Partial None Partial
Improper size check of in sapefd_parse_meta_DESCRIPTION function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file
19 CVE-2022-27823 125 2022-04-11 2022-04-18
5.8
None Remote Medium Not required Partial None Partial
Improper size check in sapefd_parse_meta_HEADER_old function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file.
20 CVE-2022-27822 668 2022-04-11 2022-04-18
2.1
None Local Low Not required Partial None None
Information exposure vulnerability in ril property setting prior to SMR April-2022 Release 1 allows access to EF_RUIMID value without permission.
21 CVE-2022-27821 125 DoS 2022-04-11 2022-04-18
4.3
None Remote Medium Not required None None Partial
Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via crafted image file.
22 CVE-2022-27576 668 2022-04-11 2022-04-18
4.3
None Remote Medium Not required Partial None None
Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission
23 CVE-2022-27575 668 2022-04-11 2022-04-18
4.3
None Remote Medium Not required Partial None None
Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.
24 CVE-2022-27574 787 2022-04-11 2022-04-18
7.5
None Remote Low Not required Partial Partial Partial
Improper input validation vulnerability in parser_iloc and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attacker.
25 CVE-2022-27573 787 2022-04-11 2022-04-18
6.5
None Remote Low ??? Partial Partial Partial
Improper input validation vulnerability in parser_infe and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attackers.
26 CVE-2022-27572 787 Exec Code Overflow 2022-04-11 2022-04-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.
27 CVE-2022-27571 787 Exec Code Overflow 2022-04-11 2022-04-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow vulnerability in sheifd_get_info_image function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
28 CVE-2022-27570 787 Exec Code Overflow 2022-04-11 2022-04-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow vulnerability in parser_single_iref function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
29 CVE-2022-27569 787 Exec Code Overflow 2022-04-11 2022-04-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
30 CVE-2022-27568 787 Exec Code Overflow 2022-04-11 2022-04-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
31 CVE-2022-27567 476 2022-04-11 2022-04-18
7.5
None Remote Low Not required Partial Partial Partial
Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers.
32 CVE-2022-26099 476 2022-04-11 2022-04-18
6.4
None Remote Low Not required Partial None Partial
Null pointer dereference vulnerability in parser_infe function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds read by remote attackers.
33 CVE-2022-26098 787 Exec Code Overflow 2022-04-11 2022-04-18
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.
34 CVE-2022-26097 476 2022-04-11 2022-04-18
7.5
None Remote Low Not required Partial Partial Partial
Null pointer dereference vulnerability in parser_unknown_property function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
35 CVE-2022-26096 476 2022-04-11 2022-04-18
7.5
None Remote Low Not required Partial Partial Partial
Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
36 CVE-2022-26095 476 2022-04-11 2022-04-18
7.5
None Remote Low Not required Partial Partial Partial
Null pointer dereference vulnerability in parser_colr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
37 CVE-2022-26094 476 2022-04-11 2022-04-19
7.5
None Remote Low Not required Partial Partial Partial
Null pointer dereference vulnerability in parser_auxC function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
38 CVE-2022-26093 476 2022-04-11 2022-04-19
7.5
None Remote Low Not required Partial Partial Partial
Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
39 CVE-2022-26092 787 Exec Code 2022-04-11 2022-04-19
7.2
None Local Low Not required Complete Complete Complete
Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows arbitrary code execution.
40 CVE-2022-26091 287 Bypass 2022-04-11 2022-04-19
4.6
None Local Low Not required Partial Partial Partial
Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard.
41 CVE-2022-26090 668 2022-04-11 2022-04-19
2.1
None Local Low Not required Partial None None
Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows that attackers can access contact information without permission.
42 CVE-2022-25833 287 2022-04-11 2022-04-19
2.1
None Local Low Not required Partial None None
Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission.
43 CVE-2022-25832 287 2022-04-11 2022-04-18
4.6
None Local Low Not required Partial Partial Partial
Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication.
44 CVE-2022-25831 287 2022-04-11 2022-04-18
1.9
None Local Medium Not required Partial None None
Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions.
45 CVE-2022-25822 416 2022-03-10 2022-03-16
4.9
None Local Low Not required None None Complete
An use after free vulnerability in sdp driver prior to SMR Mar-2022 Release 1 allows kernel crash.
46 CVE-2022-25820 307 2022-03-10 2022-03-16
2.1
None Local Low Not required Partial None None
A vulnerable design in fingerprint matching algorithm prior to SMR Mar-2022 Release 1 allows physical attackers to perform brute force attack on screen lock password.
47 CVE-2022-25817 287 2022-03-10 2022-03-16
2.1
None Local Low Not required None Partial None
Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to generate pinned-shortcut without user consent.
48 CVE-2022-25816 287 2022-03-10 2022-03-16
2.1
None Local Low Not required None Partial None
Improper authentication in Samsung Lock and mask apps setting prior to SMR Mar-2022 Release 1 allows attacker to change enable/disable without authentication
49 CVE-2022-25815 2022-03-10 2022-03-16
4.6
None Local Low Not required Partial Partial Partial
PendingIntent hijacking vulnerability in Weather application prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
50 CVE-2022-25814 2022-03-10 2022-03-16
4.6
None Local Low Not required Partial Partial Partial
PendingIntent hijacking vulnerability in Wearable Manager Installer prior to SMR Mar-2022 Release 1 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent.
Total number of vulnerabilities : 713   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.