Vulnerabilities > Google > Android > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-11 CVE-2023-35681 Integer Overflow or Wraparound vulnerability in Google Android 13.0
In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow.
network
low complexity
google CWE-190
critical
9.8
2023-08-14 CVE-2023-21287 Type Confusion vulnerability in Google Android
In multiple locations, there is a possible code execution due to type confusion.
network
low complexity
google CWE-843
critical
9.8
2023-08-14 CVE-2023-21242 Unspecified vulnerability in Google Android 13.0
In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code.
network
low complexity
google
critical
9.8
2023-08-14 CVE-2023-20965 Insufficiently Protected Credentials vulnerability in Google Android 13.0
In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code.
network
low complexity
google CWE-522
critical
9.8
2023-07-13 CVE-2023-21250 Out-of-bounds Write vulnerability in Google Android
In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
critical
9.8
2023-07-13 CVE-2023-20918 Unspecified vulnerability in Google Android
In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed.
network
low complexity
google
critical
9.8
2023-06-28 CVE-2023-21066 Out-of-bounds Write vulnerability in Google Android
In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a heap buffer overflow.
network
low complexity
google CWE-787
critical
9.8
2023-06-15 CVE-2023-21130 Out-of-bounds Read vulnerability in Google Android 13.0
In btm_ble_periodic_adv_sync_lost of btm_ble_gap.cc, there is a possible remote code execution due to a buffer overflow.
network
low complexity
google CWE-125
critical
9.8
2023-06-15 CVE-2021-0945 Unspecified vulnerability in Google Android
In _PMRCreate of the PowerVR kernel driver, a missing bounds check means it is possible to overwrite heap memory via PhysmemNewRamBackedPMR.
network
low complexity
google
critical
9.8
2023-06-15 CVE-2021-0701 Unspecified vulnerability in Google Android
In PVRSRVBridgeSyncPrimOpCreate of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access.
network
low complexity
google
critical
9.8