Vulnerabilities > Google > Android > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-20965 | Insufficiently Protected Credentials vulnerability in Google Android 13.0 In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. | 9.8 |
| 2023-07-13 | CVE-2023-21250 | Out-of-bounds Write vulnerability in Google Android In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. | 9.8 |
| 2023-07-13 | CVE-2023-20918 | Unspecified vulnerability in Google Android In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. | 9.8 |
| 2023-06-28 | CVE-2023-21066 | Out-of-bounds Write vulnerability in Google Android In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow. | 9.8 |
| 2023-06-15 | CVE-2023-21130 | Out-of-bounds Read vulnerability in Google Android 13.0 In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow. | 9.8 |
| 2023-06-15 | CVE-2021-0945 | Unspecified vulnerability in Google Android In _PMRCreate of the PowerVR kernel driver, a missing bounds check means it is possible to overwrite heap memory via PhysmemNewRamBackedPMR. | 9.8 |
| 2023-06-15 | CVE-2021-0701 | Unspecified vulnerability in Google Android In PVRSRVBridgeSyncPrimOpCreate of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. | 9.8 |
| 2023-05-15 | CVE-2021-0877 | Unspecified vulnerability in Google Android Product: AndroidVersions: Android SoCAndroid ID: A-273754094 | 9.8 |
| 2023-04-19 | CVE-2023-21096 | Use After Free vulnerability in Google Android 12.0/12.1/13.0 In OnWakelockReleased of attribution_processor.cc, there is a use after free that could lead to remote code execution with no additional execution privileges needed. | 9.8 |
| 2023-02-28 | CVE-2023-20946 | Unspecified vulnerability in Google Android In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. | 9.8 |