Vulnerabilities > Google > Android > 12.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-1016 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. | 7.3 |
| 2021-12-15 | CVE-2021-1017 | Missing Authorization vulnerability in Google Android 12.0 In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to disable bluetooth connection due to a missing permission check. | 7.8 |
| 2021-12-15 | CVE-2021-1018 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
| 2021-12-15 | CVE-2021-1019 | Unspecified vulnerability in Google Android 12.0 In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. | 7.3 |
| 2021-12-15 | CVE-2021-1020 | Improper Input Validation vulnerability in Google Android 12.0 In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. | 7.3 |
| 2021-12-15 | CVE-2021-1021 | Improper Input Validation vulnerability in Google Android 12.0 In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. | 7.3 |
| 2021-12-15 | CVE-2021-1022 | NULL Pointer Dereference vulnerability in Google Android 12.0 In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. | 7.5 |
| 2021-12-15 | CVE-2021-1023 | Information Exposure vulnerability in Google Android 12.0 In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 5.0 |
| 2021-12-15 | CVE-2021-1024 | Unspecified vulnerability in Google Android 12.0 In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy. | 6.7 |
| 2021-12-15 | CVE-2021-1025 | Missing Authorization vulnerability in Google Android 12.0 In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. | 5.5 |