Vulnerabilities > Google > Android
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-04 | CVE-2023-40073 | Unspecified vulnerability in Google Android In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40074 | Unspecified vulnerability in Google Android In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. | 5.5 |
| 2023-12-04 | CVE-2023-40075 | Unspecified vulnerability in Google Android In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check. | 5.5 |
| 2023-12-04 | CVE-2023-40076 | Unspecified vulnerability in Google Android 14.0 In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials from other users due to a permissions bypass. | 5.5 |
| 2023-12-04 | CVE-2023-40077 | Race Condition vulnerability in Google Android In multiple functions of MetaDataBase.cpp, there is a possible UAF write due to a race condition. | 8.1 |
| 2023-12-04 | CVE-2023-40078 | Out-of-bounds Write vulnerability in Google Android 14.0 In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc, there is a possible out of bounds write due to a heap buffer overflow. | 9.8 |
| 2023-12-04 | CVE-2023-40079 | Unspecified vulnerability in Google Android 14.0 In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. | 7.8 |
| 2023-12-04 | CVE-2023-40080 | Out-of-bounds Write vulnerability in Google Android 13.0/14.0 In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. | 7.8 |
| 2023-12-04 | CVE-2023-40081 | Unspecified vulnerability in Google Android In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40082 | Unspecified vulnerability in Google Android 14.0 In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. | 9.8 |