Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-02 | CVE-2021-25330 | Unspecified vulnerability in Google Android 10.0 Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider. | 7.5 |
| 2021-02-10 | CVE-2021-0341 | Improper Certificate Validation vulnerability in Google Android In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. | 7.5 |
| 2021-02-10 | CVE-2021-0340 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Google Android 10.0 In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. | 8.8 |
| 2021-02-10 | CVE-2021-0339 | Improper Check for Unusual or Exceptional Conditions vulnerability in Google Android 10.0/8.1/9.0 In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. | 7.8 |
| 2021-02-10 | CVE-2021-0337 | Cleartext Storage of Sensitive Information vulnerability in Google Android In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. | 7.8 |
| 2021-02-10 | CVE-2021-0336 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. | 7.8 |
| 2021-02-10 | CVE-2021-0334 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. | 7.8 |
| 2021-02-10 | CVE-2021-0333 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. | 7.3 |
| 2021-02-10 | CVE-2021-0332 | Use After Free vulnerability in Google Android 10.0/11.0 In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. | 7.8 |
| 2021-02-10 | CVE-2021-0331 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. | 7.3 |