Vulnerabilities > Google > Android
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-09 | CVE-2024-31314 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In multiple functions of ShortcutService.java, there is a possible persistent DOS due to resource exhaustion. | 5.5 |
| 2024-07-09 | CVE-2024-31315 | Unspecified vulnerability in Google Android In multiple functions of ManagedServices.java, there is a possible way to hide an app with notification access in the Device & app notifications settings due to improper input validation. | 7.8 |
| 2024-07-09 | CVE-2024-31316 | Unspecified vulnerability in Google Android In onResult of AccountManagerService.java, there is a possible way to perform an arbitrary background activity launch due to parcel mismatch. | 7.8 |
| 2024-07-09 | CVE-2024-31317 | Deserialization of Untrusted Data vulnerability in Google Android In multiple functions of ZygoteProcess.java, there is a possible way to achieve code execution as any app via WRITE_SECURE_SETTINGS due to unsafe deserialization. | 7.8 |
| 2024-07-09 | CVE-2024-31318 | Missing Authorization vulnerability in Google Android In CompanionDeviceManagerService.java, there is a possible way to pair a companion device without user acceptance due to a missing permission check. | 7.8 |
| 2024-07-09 | CVE-2024-31319 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a possible cross-user data leak due to a confused deputy. | 7.8 |
| 2024-07-09 | CVE-2024-31320 | Unspecified vulnerability in Google Android 12.0/12.1 In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. | 7.8 |
| 2024-07-09 | CVE-2024-31322 | Unspecified vulnerability in Google Android In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. | 7.8 |
| 2024-07-09 | CVE-2024-31323 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 14.0 In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking. | 7.8 |
| 2024-07-09 | CVE-2024-31324 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by launching the activity in portrait mode first and then rotating it to landscape mode. | 7.3 |