{"vulnerability": "CVE-2022-2050", "sightings": [{"uuid": "ba3846ac-41da-4c95-987d-d0d8368edb01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20500", "type": "seen", "source": "https://t.me/cibsecurity/54411", "content": "\u203c CVE-2022-20500 \u203c\n\nIn loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246540168\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-13T18:21:59.000000Z"}, {"uuid": "756cda4d-f112-4904-8ef2-8754f60d0221", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20500", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12844", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20500\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246540168\n\ud83d\udccf Published: 2022-12-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T13:52:57.629Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/2022-12-01", "creation_timestamp": "2025-04-22T14:03:34.000000Z"}, {"uuid": "253e7e3e-e0c6-4caa-8899-a865bf1400ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20503", "type": "seen", "source": "https://t.me/cibsecurity/54739", "content": "\u203c CVE-2022-20503 \u203c\n\nIn onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224772890\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:37:40.000000Z"}, {"uuid": "48c1a020-c6b9-4075-93c5-1b1fd1bd0a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20506", "type": "seen", "source": "https://t.me/cibsecurity/54672", "content": "\u203c CVE-2022-20506 \u203c\n\nIn onCreate of WifiDialogActivity.java, there is a missing permission check. This could lead to local escalation of privilege from a guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-226133034\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:24:28.000000Z"}, {"uuid": "8700184b-6b42-479e-8779-986079a6f925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20505", "type": "seen", "source": "https://t.me/cibsecurity/54719", "content": "\u203c CVE-2022-20505 \u203c\n\nIn openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitationProduct: AndroidVersions: Android-13Android ID: A-225981754\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:34:34.000000Z"}, {"uuid": "244d69f9-27db-4633-8593-be18b33199fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20509", "type": "seen", "source": "https://t.me/cibsecurity/54746", "content": "\u203c CVE-2022-20509 \u203c\n\nIn mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244713317\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:37:47.000000Z"}, {"uuid": "42847d5d-24b4-4e72-97e4-8cb00939c57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2050", "type": "seen", "source": "https://t.me/cibsecurity/45911", "content": "\u203c CVE-2022-2050 \u203c\n\nThe WP-Paginate WordPress plugin before 2.1.9 does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfiltered_html is disallowed\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-11T16:19:18.000000Z"}]}