Vulnerabilities > Google > Android
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-04 | CVE-2023-40078 | Out-of-bounds Write vulnerability in Google Android 14.0 In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder.cc, there is a possible out of bounds write due to a heap buffer overflow. | 9.8 |
| 2023-12-04 | CVE-2023-40079 | Unspecified vulnerability in Google Android 14.0 In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. | 7.8 |
| 2023-12-04 | CVE-2023-40080 | Out-of-bounds Write vulnerability in Google Android 13.0/14.0 In multiple functions of btm_ble_gap.cc, there is a possible out of bounds write due to a logic error in the code. | 7.8 |
| 2023-12-04 | CVE-2023-40081 | Unspecified vulnerability in Google Android In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40082 | Unspecified vulnerability in Google Android 14.0 In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. | 9.8 |
| 2023-12-04 | CVE-2023-40083 | Out-of-bounds Read vulnerability in Google Android In parse_gap_data of utils.cc, there is a possible out of bounds read due to a missing bounds check. | 5.5 |
| 2023-12-04 | CVE-2023-40084 | Use After Free vulnerability in Google Android In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. | 7.8 |
| 2023-12-04 | CVE-2023-40087 | Out-of-bounds Write vulnerability in Google Android In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possible out of bounds write due to a missing bounds check. | 8.8 |
| 2023-12-04 | CVE-2023-40088 | Use After Free vulnerability in Google Android In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible memory corruption due to a use after free. | 8.8 |
| 2023-12-04 | CVE-2023-40089 | Missing Authorization vulnerability in Google Android 14.0 In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for users to select credential managers without permission due to a missing permission check. | 7.8 |