Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.8

    HIGH
    CVE-2022-20113

    In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. Use... Read more

    Affected Products : android
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20112

    In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges ... Read more

    Affected Products : android
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 8.4

    HIGH
    CVE-2022-20111

    In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID:... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6853t mt6873 mt6875 mt6877 +43 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 7.0

    HIGH
    CVE-2022-20110

    In ion, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915; Issue ID: ALPS063... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6853t mt6873 mt6875 mt6877 +43 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20109

    In ion, there is a possible use after free due to improper update of reference count. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06399915;... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6853t mt6873 mt6875 mt6877 +43 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2022-20108

    In voice service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV0333070... Read more

    Affected Products : android linux_kernel mt9011 mt9215 mt9216 mt9221 mt9255 mt9256 mt9266 mt9269 +28 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.9

    MEDIUM
    CVE-2022-20107

    In subtitle service, there is a possible application crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330673; Issue ID: DT... Read more

    Affected Products : android linux_kernel mt9011 mt9215 mt9216 mt9221 mt9255 mt9256 mt9266 mt9269 +28 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2022-20106

    In MM service, there is a possible out of bounds write due to a heap-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; I... Read more

    Affected Products : android linux_kernel mt9011 mt9215 mt9216 mt9221 mt9255 mt9256 mt9266 mt9269 +28 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2022-20105

    In MM service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330460; ... Read more

    Affected Products : android linux_kernel mt9011 mt9215 mt9216 mt9221 mt9255 mt9256 mt9266 mt9269 +28 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20104

    In aee daemon, there is a possible information disclosure due to improper access control. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS064190... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6873 mt6875 +35 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2022-20103

    In aee daemon, there is a possible information disclosure due to symbolic link following. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Iss... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6873 mt6875 +35 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2022-20102

    In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6873 mt6875 +35 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2022-20101

    In aee daemon, there is a possible information disclosure due to a path traversal. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; Iss... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6873 mt6875 +35 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2022-20100

    In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6873 mt6875 +35 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2022-20099

    In aee daemon, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06296442; Iss... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6873 mt6875 +35 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2022-20098

    In aee daemon, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419017; ... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6873 mt6875 +35 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2022-20097

    In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Iss... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6789 mt6833 mt6853 mt6853t mt6873 mt6875 +35 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2022-20096

    In camera, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06419003; Issue ID: ALP... Read more

    Affected Products : android mt6765 mt6768 mt6769 mt8667 mt8768 mt8786 mt8788 mt8789 mt8183 +3 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2022-20095

    In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479763; Issue I... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6873 mt6885 mt6893 mt8797 +2 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2022-20094

    In imgsensor, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479763; Issu... Read more

    Affected Products : android mt6779 mt6781 mt6785 mt6833 mt6853 mt6873 mt6885 mt6893 mt8797 +2 more products
    • Published: May. 03, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294846 Results