An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.

An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.

An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.

An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.

In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-199678035

A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge.

Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution.

In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05551435; Issue ID: ALPS05551435.

In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05560246; Issue ID: ALPS05551383.

In audio DSP, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05844458; Issue ID: ALPS05844458.