Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2020-12-15 CVE-2020-27050 Out-of-bounds Write vulnerability in Google Android 11.0
In rw_i93_send_cmd_write_multi_blocks of rw_i93.cc, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
2020-12-15 CVE-2020-27049 Out-of-bounds Write vulnerability in Google Android 11.0
In rw_t3t_send_raw_frame of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
2020-12-15 CVE-2020-27048 Out-of-bounds Write vulnerability in Google Android 11.0
In RW_SendRawFrame of rw_main.cc, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
2020-12-15 CVE-2020-27045 Out-of-bounds Write vulnerability in Google Android 11.0
In CE_SendRawFrame of ce_main.cc, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
2020-12-15 CVE-2020-27044 Use After Free vulnerability in Google Android 11.0
In restartWrite of Parcel.cpp, there is a possible memory corruption due to a use after free.
local
low complexity
google CWE-416
7.8
2020-12-15 CVE-2020-27030 Unspecified vulnerability in Google Android 11.0
In onCreate of HandleApiCalls.java, there is a possible permission bypass due to a confused deputy.
local
low complexity
google
7.8
2020-12-15 CVE-2020-27024 Out-of-bounds Read vulnerability in Google Android 11.0
In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
2020-12-15 CVE-2020-0489 Out-of-bounds Write vulnerability in Google Android 11.0
In Parse_data of eas_mdls.c, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
8.8
2020-12-15 CVE-2020-0486 Incorrect Default Permissions vulnerability in Google Android 11.0
In openAssetFileListener of ContactsProvider2.java, there is a possible permission bypass due to an insecure default value.
local
low complexity
google CWE-276
7.8
2020-12-15 CVE-2020-0485 Missing Authorization vulnerability in Google Android 11.0
In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest account due to a missing permission check.
local
low complexity
google CWE-862
7.8