Vulnerabilities > Google > Android > 12.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-13 | CVE-2022-20218 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 12.0/12.1 In PermissionController, there is a possible way to get and retain permissions without user's consent due to a logic error in the code. | 7.8 |
| 2022-07-13 | CVE-2022-20219 | Cleartext Storage of Sensitive Information vulnerability in Google Android In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user's directories unencrypted due to a logic error in the code. | 5.5 |
| 2022-07-13 | CVE-2022-20220 | Path Traversal vulnerability in Google Android 12.0/12.1 In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. | 7.8 |
| 2022-07-13 | CVE-2022-20221 | Out-of-bounds Read vulnerability in Google Android In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. | 6.5 |
| 2022-07-13 | CVE-2022-20222 | Out-of-bounds Write vulnerability in Google Android 12.0/12.1 In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. | 9.8 |
| 2022-07-13 | CVE-2022-20223 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. | 7.8 |
| 2022-07-13 | CVE-2022-20224 | Out-of-bounds Read vulnerability in Google Android In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. | 7.5 |
| 2022-07-13 | CVE-2022-20225 | Missing Authorization vulnerability in Google Android In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. | 5.5 |
| 2022-07-13 | CVE-2022-20226 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0/12.1 In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. | 3.9 |
| 2022-07-13 | CVE-2022-20228 | Use After Free vulnerability in Google Android 12.0/12.1 In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. | 6.5 |