Vulnerabilities > Google > Android > 12.1

DATE CVE VULNERABILITY TITLE RISK
2022-04-12 CVE-2021-39809 Out-of-bounds Read vulnerability in Google Android
In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
7.5
2022-03-30 CVE-2021-1000 Incorrect Default Permissions vulnerability in Google Android 12.1
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible permission bypass due to an unsafe PendingIntent.
local
low complexity
google CWE-276
7.8
7.8
2022-03-30 CVE-2021-1033 Incorrect Default Permissions vulnerability in Google Android 12.1
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission bypass due to an unsafe PendingIntent.
local
low complexity
google CWE-276
7.8
7.8
2022-03-30 CVE-2021-39739 Information Exposure Through Log Files vulnerability in Google Android 12.1
In ArrayMap, there is a possible leak of the content of SMS messages due to log information disclosure.
local
low complexity
google CWE-532
3.3
3.3
2022-03-30 CVE-2021-39740 Improper Input Validation vulnerability in Google Android 12.1
In Messaging, there is a possible way to bypass attachment restrictions due to improper input validation.
local
low complexity
google CWE-20
5.5
5.5
2022-03-30 CVE-2021-39741 Out-of-bounds Write vulnerability in Google Android 12.1
In Keymaster, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
7.8
2022-03-30 CVE-2021-39742 Missing Authorization vulnerability in Google Android 12.1
In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing permission check.
local
low complexity
google CWE-862
5.5
5.5
2022-03-30 CVE-2021-39743 Missing Authorization vulnerability in Google Android 12.1
In PackageManager, there is a possible way to update the last usage time of another package due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2022-03-30 CVE-2021-39744 Information Exposure Through Discrepancy vulnerability in Google Android 12.1
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
5.5
5.5
2022-03-30 CVE-2021-39745 Information Exposure Through Discrepancy vulnerability in Google Android 12.1
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
5.5
5.5