Vulnerabilities > Google > Android > 14.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-02 | CVE-2024-20129 | Out-of-bounds Read vulnerability in Google Android 13.0/14.0/15.0 In Telephony, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
| 2024-11-13 | CVE-2024-34719 | NULL Pointer Dereference vulnerability in Google Android In multiple locations, there is a possible permissions bypass due to a missing null check. | 7.8 |
| 2024-11-13 | CVE-2024-40660 | Unspecified vulnerability in Google Android 14.0/15.0 In setTransactionState of SurfaceFlinger.cpp, there is a possible way to change protected display attributes due to a logic error in the code. | 7.8 |
| 2024-11-13 | CVE-2024-40661 | Missing Authorization vulnerability in Google Android In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to access the microphone due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-43080 | Deserialization of Untrusted Data vulnerability in Google Android In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. | 7.8 |
| 2024-11-13 | CVE-2024-43081 | Unspecified vulnerability in Google Android In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. | 7.8 |
| 2024-11-13 | CVE-2024-43083 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. | 5.5 |
| 2024-11-13 | CVE-2024-43084 | Unspecified vulnerability in Google Android In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. | 5.5 |
| 2024-11-13 | CVE-2024-43085 | Unspecified vulnerability in Google Android In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code. | 7.8 |
| 2024-11-13 | CVE-2024-43086 | Unspecified vulnerability in Google Android In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak account credentials to a third party app due to a confused deputy. | 5.5 |