Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-22 | CVE-2021-0536 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 11.0 In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. | 7.8 |
| 2021-06-22 | CVE-2021-0537 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0 configuration due to a tapjacking/overlay attack. | 7.3 |
| 2021-06-22 | CVE-2021-0538 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. | 7.3 |
| 2021-06-22 | CVE-2021-0539 | Missing Authorization vulnerability in Google Android 11.0 In archiveStoredConversation of MmsService.java, there is a possible way to archive message conversation without user consent due to a missing permission check. | 7.8 |
| 2021-06-22 | CVE-2021-0547 | Missing Authorization vulnerability in Google Android 11.0 In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker-controlled value to a GPS HAL handler due to a missing permission check. | 7.8 |
| 2021-06-22 | CVE-2021-0548 | Out-of-bounds Write vulnerability in Google Android 11.0 In rw_i93_send_to_lower of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2021-06-22 | CVE-2021-0550 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 11.0 In onLoadFailed of AnnotateActivity.java, there is a possible way to gain WRITE_EXTERNAL_STORAGE permissions without user consent due to a confused deputy. | 7.8 |
| 2021-06-22 | CVE-2021-0553 | Injection vulnerability in Google Android 11.0 In onBindViewHolder of AppSwitchPreference.java, there is a possible bypass of device admin setttings due to unclear UI. | 7.3 |
| 2021-06-22 | CVE-2021-0607 | Out-of-bounds Write vulnerability in Google Android In iaxxx_calc_i2s_div of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check. | 7.8 |
| 2021-06-22 | CVE-2021-0608 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In handleAppLaunch of AppLaunchActivity.java, there is a possible arbitrary activity launch due to a confused deputy. | 7.8 |