Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-10 | CVE-2021-0376 | Incorrect Authorization vulnerability in Google Android 11.0 In checkUriPermission and related functions of MediaProvider.java, there is a possible way to access external files due to a permissions bypass. | 7.8 |
| 2021-03-10 | CVE-2021-0372 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 11.0 In getMediaOutputSliceAction of RemoteMediaSlice.java, there is a possible permission bypass due to an unsafe PendingIntent. | 7.8 |
| 2021-03-10 | CVE-2021-0369 | Unspecified vulnerability in Google Android 11.0 In CrossProfileAppsServiceImpl.java, there is the possibility of an application's INTERACT_ACROSS_PROFILES grant state not displaying properly in the setting UI due to a logic error in the code. | 7.8 |
| 2021-03-10 | CVE-2020-0025 | Unspecified vulnerability in Google Android 11.0 In deletePackageVersionedInternal of PackageManagerService.java, there is a possible way to exit Screen Pinning due to a permissions bypass. | 7.8 |
| 2021-03-02 | CVE-2021-25330 | Unspecified vulnerability in Google Android 10.0 Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider. | 7.5 |
| 2021-02-10 | CVE-2021-0341 | Improper Certificate Validation vulnerability in Google Android In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. | 7.5 |
| 2021-02-10 | CVE-2021-0340 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Google Android 10.0 In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. | 8.8 |
| 2021-02-10 | CVE-2021-0339 | Improper Check for Unusual or Exceptional Conditions vulnerability in Google Android 10.0/8.1/9.0 In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. | 7.8 |
| 2021-02-10 | CVE-2021-0337 | Cleartext Storage of Sensitive Information vulnerability in Google Android In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. | 7.8 |
| 2021-02-10 | CVE-2021-0336 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. | 7.8 |