Vulnerabilities > Google > Android
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-27 | CVE-2023-44125 | Unspecified vulnerability in Google Android 12.0/13.0 The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. | 7.8 |
| 2023-09-27 | CVE-2023-44126 | Unspecified vulnerability in Google Android The vulnerability is that the Call management ("com.android.server.telecom") app patched by LG sends a lot of LG-owned implicit broadcasts that disclose sensitive data to all third-party apps installed on the same device. | 5.5 |
| 2023-09-27 | CVE-2023-44127 | Unspecified vulnerability in Google Android he vulnerability is that the Call management ("com.android.server.telecom") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same device. | 5.5 |
| 2023-09-27 | CVE-2023-44128 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android he vulnerability is to delete arbitrary files in LGInstallService ("com.lge.lginstallservies") app. | 3.6 |
| 2023-09-27 | CVE-2023-44129 | Unspecified vulnerability in Google Android The vulnerability is that the Messaging ("com.android.mms") app patched by LG forwards attacker-controlled intents back to the attacker in the exported "com.android.mms.ui.QClipIntentReceiverActivity" activity. | 3.3 |
| 2023-09-27 | CVE-2023-44216 | Information Exposure Through Discrepancy vulnerability in multiple products PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. | 5.3 |
| 2023-09-11 | CVE-2023-35658 | Use After Free vulnerability in Google Android In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. | 8.8 |
| 2023-09-11 | CVE-2023-35664 | Out-of-bounds Read vulnerability in Google Android 12.0/12.1/13.0 In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. | 5.5 |
| 2023-09-11 | CVE-2023-35665 | Missing Authorization vulnerability in Google Android In multiple files, there is a possible way to import a contact from another user due to a missing permission check. | 7.8 |
| 2023-09-11 | CVE-2023-35666 | Use After Free vulnerability in Google Android In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. | 7.8 |