CVE-2022-20493

HIGH Year: 2022
CVSS v3 Score
7.8
High
Weakness Type
CWE-1284
View all →

Vulnerability Description

In Condition of Condition.java, there is a possible way to grant notification access due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242846316

Related Vulnerabilities

CVE-2010-3904

HIGH
CVSS:7.8(High)

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from us...

CWE-12842010

CVE-2021-1081

HIGH
CVSS:7.8(High)

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure...

CWE-12842021

CVE-2021-1082

HIGH
CVSS:7.8(High)

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure, tampering of data, or denia...

CWE-12842021

CVE-2021-1083

HIGH
CVSS:7.8(High)

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and Virtual GPU Manager (vGPU plugin), in which an input length is not validated, which may lead to information disclosure...

CWE-12842021

CVE-2021-30350

HIGH
CVSS:7.8(High)

Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...

CWE-12842021

CVE-2021-35132

HIGH
CVSS:7.8(High)

Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I...

CWE-12842021