Vulnerabilities > Google > Android
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-15 | CVE-2024-34734 | Insecure Default Initialization of Resource vulnerability in Google Android 13.0/14.0 In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to disable the active VPN app from the lockscreen due to an insecure default value. | 7.8 |
| 2024-08-15 | CVE-2024-34736 | Unspecified vulnerability in Google Android In setupVideoEncoder of StagefrightRecorder.cpp, there is a possible asynchronous playback when B-frame support is enabled. | 7.8 |
| 2024-08-15 | CVE-2024-34737 | Unspecified vulnerability in Google Android In ensureSetPipAspectRatioQuotaTracker of ActivityClientController.java, there is a possible way to generate unmovable and undeletable pip windows due to a logic error in the code. | 7.8 |
| 2024-08-15 | CVE-2024-34738 | Unspecified vulnerability in Google Android 13.0/14.0 In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due to a logic error in the code. | 7.8 |
| 2024-08-15 | CVE-2024-34739 | Unspecified vulnerability in Google Android In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. | 7.8 |
| 2024-08-15 | CVE-2024-34740 | Integer Overflow or Wraparound vulnerability in Google Android In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow. | 7.8 |
| 2024-08-15 | CVE-2024-34741 | Unspecified vulnerability in Google Android In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code. | 7.8 |
| 2024-08-15 | CVE-2024-34742 | Unspecified vulnerability in Google Android 14.0 In shouldWrite of OwnersData.java, there is a possible edge case that prevents MDM policies from being persisted due to a logic error in the code. | 5.5 |
| 2024-08-15 | CVE-2024-34743 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 14.0 In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code. | 7.8 |
| 2024-07-09 | CVE-2023-21113 | Unspecified vulnerability in Google Android 12.0/12.1/13.0 In multiple locations, there is a possible permission bypass due to a confused deputy. | 7.8 |