Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 10.0  Security Vulnerabilities
CVE-2022-39847
Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions.
CVSS Score
4.9
EPSS Score
0.0
Published
2022-10-07
CVE-2022-39848
Exposure of sensitive information in AT_Distributor prior to SMR Oct-2022 Release 1 allows local attacker to access SerialNo via log.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-10-07
CVE-2022-39849
Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
CVSS Score
3.3
EPSS Score
0.0
Published
2022-10-07
CVE-2022-39850
Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data.
CVSS Score
3.3
EPSS Score
0.0
Published
2022-10-07
CVE-2022-20392
In declareDuplicatePermission of ParsedPermissionUtils.java, there is a possible way to obtain a dangerous permission without user consent due to improper input validation. This could lead to local escalation of privilege during app installation or upgrade with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-213323615
CVSS Score
7.8
EPSS Score
0.0
Published
2022-09-13
CVE-2022-39119
In network service, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed
CVSS Score
7.8
EPSS Score
0.001
Published
2022-09-09
CVE-2022-36858
A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36860
A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36861
Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege.
CVSS Score
5.9
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36862
A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-09-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved