Google: >> Android >> 10.0 Security Vulnerabilities
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-12-06
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-12-05
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-12-05
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-12-05
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-12-05
In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-12-05
In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID: ALPS07541753.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-12-05
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-11-09
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.
CVSS Score
4.3
EPSS Score
0.0
Published
2022-11-09
Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information.
CVSS Score
5.9
EPSS Score
0.0
Published
2022-11-09