{"vulnerability": "CVE-2022-2019", "sightings": [{"uuid": "1268c530-86e9-448d-970d-66579da3df6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20194", "type": "seen", "source": "https://t.me/cibsecurity/44527", "content": "\u203c CVE-2022-20194 \u203c\n\nIn onCreate of ChooseLockGeneric.java, there is a possible permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-222684510\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:26:33.000000Z"}, {"uuid": "f51a7aae-96db-4a92-a632-a55455f69abe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20199", "type": "seen", "source": "https://t.me/cibsecurity/54729", "content": "\u203c CVE-2022-20199 \u203c\n\nIn multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-199291025\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:37:30.000000Z"}, {"uuid": "2a003d41-1355-4faf-9c1a-5fe6df749b0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20196", "type": "seen", "source": "https://t.me/cibsecurity/44523", "content": "\u203c CVE-2022-20196 \u203c\n\nIn gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201535148\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:26:24.000000Z"}, {"uuid": "50ac94dd-b19c-4415-8979-bc6c06e02295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20198", "type": "seen", "source": "https://t.me/cibsecurity/44532", "content": "\u203c CVE-2022-20198 \u203c\n\nIn llcp_dlc_proc_connect_pdu of llcp_dlc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC stack with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-221851879\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:26:39.000000Z"}, {"uuid": "21c9465a-142b-4d1c-99c9-1d245d8b5645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20190", "type": "seen", "source": "https://t.me/cibsecurity/44531", "content": "\u203c CVE-2022-20190 \u203c\n\nProduct: AndroidVersions: Android kernelAndroid ID: A-208744915References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:26:38.000000Z"}, {"uuid": "0bc05f3e-93a8-4aa4-aac7-44df220a49e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20191", "type": "seen", "source": "https://t.me/cibsecurity/44529", "content": "\u203c CVE-2022-20191 \u203c\n\nProduct: AndroidVersions: Android kernelAndroid ID: A-209324757References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:26:36.000000Z"}, {"uuid": "2e904f44-49e5-4083-aff0-df92117ff0d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20195", "type": "seen", "source": "https://t.me/cibsecurity/44528", "content": "\u203c CVE-2022-20195 \u203c\n\nIn the keystore library, there is a possible prevention of access to system Settings due to unsafe deserialization. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-213172664\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:26:35.000000Z"}, {"uuid": "b2f5e34d-ebc8-4f9d-9623-8c18ac85d373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20193", "type": "seen", "source": "https://t.me/cibsecurity/44520", "content": "\u203c CVE-2022-20193 \u203c\n\nIn getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-212434116\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:26:21.000000Z"}]}