Vulnerabilities > Google > Android > 12.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-10 | CVE-2022-20004 | Missing Authorization vulnerability in Google Android In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. | 7.8 |
| 2022-05-10 | CVE-2022-20005 | Unspecified vulnerability in Google Android In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK . | 7.8 |
| 2022-05-10 | CVE-2022-20006 | Race Condition vulnerability in Google Android In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. | 7.0 |
| 2022-05-10 | CVE-2022-20007 | Race Condition vulnerability in Google Android In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it's still in the foreground, when it is not, due to a race condition. | 7.0 |
| 2022-05-10 | CVE-2022-20010 | Out-of-bounds Read vulnerability in Google Android 12.0/12.1 In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. | 6.5 |
| 2022-05-10 | CVE-2022-20011 | Missing Authorization vulnerability in Google Android In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. | 5.5 |
| 2022-05-10 | CVE-2022-20112 | Improper Privilege Management vulnerability in Google Android In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. | 5.5 |
| 2022-05-10 | CVE-2022-20113 | Unspecified vulnerability in Google Android 12.0/12.1 In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. | 7.8 |
| 2022-05-10 | CVE-2022-20114 | Improper Privilege Management vulnerability in Google Android In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. | 7.8 |
| 2022-05-10 | CVE-2022-20115 | Missing Authorization vulnerability in Google Android 12.0/12.1 In broadcastServiceStateChanged of TelephonyRegistry.java, there is a possible way to learn base station information without location permission due to a missing permission check. | 5.5 |