Vulnerabilities > Google > Android
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-21290 | Race Condition vulnerability in Google Android In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. | 5.5 |
| 2023-08-14 | CVE-2023-21292 | Unspecified vulnerability in Google Android In openContentUri of ActivityManagerService.java, there is a possible way for a third party app to obtain restricted files due to a confused deputy. | 5.5 |
| 2023-08-14 | CVE-2023-35689 | Insecure Default Initialization of Resource vulnerability in Google Android 11.0/13.0 In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. | 7.8 |
| 2023-08-14 | CVE-2023-20965 | Insufficiently Protected Credentials vulnerability in Google Android 13.0 In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. | 9.8 |
| 2023-08-14 | CVE-2023-21132 | Missing Authorization vulnerability in Google Android 12.0/12.1/13.0 In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. | 6.8 |
| 2023-08-14 | CVE-2023-21133 | Missing Authorization vulnerability in Google Android 12.0/12.1/13.0 In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. | 6.8 |
| 2023-08-14 | CVE-2023-21134 | Missing Authorization vulnerability in Google Android 12.0/12.1/13.0 In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. | 6.8 |
| 2023-08-14 | CVE-2023-21140 | Missing Authorization vulnerability in Google Android 12.0/12.1/13.0 In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. | 6.8 |
| 2023-08-14 | CVE-2023-21242 | Unspecified vulnerability in Google Android 13.0 In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. | 9.8 |
| 2023-08-14 | CVE-2023-21264 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. | 6.7 |