Critical exposure
CVE-2022-20222 Google Android RCE
- CVSS 9.8
- Remote code execution exposure
New critical Google Android RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Google Android RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Google Android RCE (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Kvf-admin Project Kvf-admin Deserialization (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
android exported is used to set third-party app access permissions, and the default value of intent-filter is true.
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check.
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check.
'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can...
Spryker Commerce OS 1.4.2 allows Remote Command Execution.
WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR.
kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled.