Vulnerabilities > Google > Android > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-04-11 CVE-2022-26093 NULL Pointer Dereference vulnerability in Google Android 10.0/11.0/12.0
Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
network
low complexity
google CWE-476
critical
9.8
2022-03-16 CVE-2021-39737 Unspecified vulnerability in Google Android
Product: AndroidVersions: Android kernelAndroid ID: A-208229524References: N/A
network
low complexity
google
critical
9.8
2022-03-16 CVE-2021-39723 Unspecified vulnerability in Google Android
Product: AndroidVersions: Android kernelAndroid ID: A-209014813References: N/A
network
low complexity
google
critical
9.8
2022-03-16 CVE-2021-39720 Unspecified vulnerability in Google Android
Product: AndroidVersions: Android kernelAndroid ID: A-207433926References: N/A
network
low complexity
google
critical
9.8
2022-03-16 CVE-2021-39710 Unspecified vulnerability in Google Android
Product: AndroidVersions: Android kernelAndroid ID: A-202160245References: N/A
network
low complexity
google
critical
9.8
2022-03-16 CVE-2021-39708 Out-of-bounds Write vulnerability in Google Android 12.0
In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an incorrect bounds check.
network
low complexity
google CWE-787
critical
9.8
2022-03-10 CVE-2022-25818 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 12.0
Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution.
network
low complexity
google CWE-119
critical
9.8
2022-02-11 CVE-2022-23425 Improper Input Validation vulnerability in Google Android 10.0/11.0/12.0
Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station.
network
low complexity
google CWE-20
critical
9.8
2022-02-11 CVE-2021-39675 Out-of-bounds Write vulnerability in Google Android 12.0
In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow.
network
low complexity
google CWE-787
critical
9.8
2022-02-11 CVE-2021-39658 Incorrect Default Permissions vulnerability in Google Android
ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product: AndroidVersions: Android SoCAndroid ID: A-207479207
network
low complexity
google CWE-276
critical
9.8