Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2021-04-13 CVE-2021-0443 Race Condition vulnerability in Google Android
In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition.
local
google CWE-362
1.9
2021-04-13 CVE-2021-0442 USE After Free vulnerability in Google Android 11.0
In updateInfo of android_hardware_input_InputApplicationHandle.cpp, there is a possible control of code flow due to a use after free.
local
low complexity
google CWE-416
4.6
2021-04-13 CVE-2021-0439 Out-Of-Bounds Write vulnerability in Google Android 11.0
In setPowerModeWithHandle of com_android_server_power_PowerManagerService.cpp, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
4.6
2021-04-13 CVE-2021-0438 Improper Privilege Management vulnerability in Google Android 10.0/8.1/9.0
In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value.
local
google CWE-269
4.4
2021-04-13 CVE-2021-0437 Double Free vulnerability in Google Android
In setPlayPolicy of DrmPlugin.cpp, there is a possible double free.
local
low complexity
google CWE-415
4.6
2021-04-13 CVE-2021-0436 Integer Overflow OR Wraparound vulnerability in Google Android
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow.
local
low complexity
google CWE-190
2.1
2021-04-13 CVE-2021-0435 Improper Initialization vulnerability in Google Android
In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data.
network
low complexity
google CWE-665
5.0
2021-04-13 CVE-2021-0433 Improper Privilege Management vulnerability in Google Android
In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack.
5.4
2021-04-13 CVE-2021-0432 Race Condition vulnerability in Google Android 11.0
In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition.
local
google CWE-362
4.4
2021-04-13 CVE-2021-0431 Out-Of-Bounds Read vulnerability in Google Android
In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
5.0