Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2022-20027

    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126826; ... Read more

    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20026

    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126827; ... Read more

    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20025

    In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06126832; ... Read more

    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20024

    In system service, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS062... Read more

    Affected Products : android mt6779 mt8791 mt8797 mt6739 mt6761 mt6762 mt6763 mt6765 mt6768 +18 more products
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-20023

    In Bluetooth, there is a possible application crash due to bluetooth flooding a device with LMP_AU_rand packet. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exp... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6853t mt6873 mt6877 mt6885 mt6889 +48 more products
    • Published: Jan. 04, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-20022

    In Bluetooth, there is a possible link disconnection due to bluetooth does not properly handle a connection attempt from a host with the same BD address as the currently connected BT host. This could lead to remote denial of service of bluetooth with no a... Read more

    Affected Products : android mt6739 mt6753 mt6757 mt6763 mt8321 mt8765 mt8788 mt6735 mt6737 +19 more products
    • Published: Jan. 04, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-20021

    In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMP_host_connection_req. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User ... Read more

    Affected Products : android mt6739 mt6753 mt6757 mt6763 mt8321 mt8765 mt8788 mt6735 mt6737 +20 more products
    • Published: Jan. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20020

    In libvcodecdrv, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05943... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6873 mt6877 mt6885 mt6893 +18 more products
    • Published: Jan. 04, 2022
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2022-20018

    In seninf driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863018; Issue... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6853t mt6873 mt6875 mt6877 +23 more products
    • Published: Jan. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20017

    In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0586... Read more

    Affected Products : android mt6785 mt6833 mt6853 mt6873 mt6877 mt6885 mt6893 mt8791 mt8797 +16 more products
    • Published: Feb. 09, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2022-20016

    In vow driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862986; Issue ID: ALPS... Read more

    Affected Products : android mt6781 mt6785 mt6833 mt6853 mt6853t mt6873 mt6877 mt6883 mt6885 +7 more products
    • Published: Jan. 04, 2022
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2022-20015

    In kd_camera_hw driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862966;... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6853t mt6873 mt6877 mt6883 +15 more products
    • Published: Jan. 04, 2022
    • Modified: Nov. 21, 2024

  • 6.4

    MEDIUM
    CVE-2022-20013

    In vow driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS... Read more

    Affected Products : android mt6781 mt6785 mt6833 mt6853 mt6853t mt6873 mt6877 mt6883 mt6885 +7 more products
    • Published: Jan. 04, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20012

    In mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issu... Read more

    Affected Products : android mt6779 mt6785 mt6833 mt6853 mt6853t mt6873 mt6875 mt6877 mt6883 +32 more products
    • Published: Jan. 04, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20011

    In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not ne... Read more

    Affected Products : android
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-20010

    In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not ne... Read more

    Affected Products : android
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2022-20009

    In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for ex... Read more

    Affected Products : android
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 4.6

    MEDIUM
    CVE-2022-20008

    In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges neede... Read more

    Affected Products : android
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2022-20007

    In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it's still in the foreground, when it is not, due to a race condition. This could lead to local escalation of privilege wit... Read more

    Affected Products : android
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2022-20006

    In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. This could lead to local escalation of privilege if a Guest user is enabled, with no addit... Read more

    Affected Products : android
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294716 Results