Vulnerabilities > Google > Android > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-29 CVE-2022-42538 Unspecified vulnerability in Google Android
Elevation of privilege
network
low complexity
google
critical
9.8
2023-11-29 CVE-2022-42537 Unspecified vulnerability in Google Android
Remote code execution
network
low complexity
google
critical
9.8
2023-11-29 CVE-2022-42536 Unspecified vulnerability in Google Android
Remote code execution
network
low complexity
google
critical
9.8
2023-10-11 CVE-2023-35662 Out-of-bounds Write vulnerability in Google Android
there is a possible out of bounds write due to buffer overflow.
network
low complexity
google CWE-787
critical
9.8
2023-10-11 CVE-2023-35648 Out-of-bounds Read vulnerability in Google Android
In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
critical
9.8
2023-10-11 CVE-2023-35647 Out-of-bounds Read vulnerability in Google Android
In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
critical
9.8
2023-10-11 CVE-2023-35646 Out-of-bounds Write vulnerability in Google Android
In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check.
network
low complexity
google CWE-787
critical
9.8
2023-09-11 CVE-2023-35681 Integer Overflow or Wraparound vulnerability in Google Android 13.0
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow.
network
low complexity
google CWE-190
critical
9.8
2023-08-14 CVE-2023-21287 Type Confusion vulnerability in Google Android
In multiple locations, there is a possible code execution due to type confusion.
network
low complexity
google CWE-843
critical
9.8
2023-08-14 CVE-2023-21242 Unspecified vulnerability in Google Android 13.0
In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code.
network
low complexity
google
critical
9.8