Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2024-07-09 CVE-2024-31323 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 14.0
In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking.
local
low complexity
google CWE-1021
7.8
2024-07-09 CVE-2024-31324 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android
In hide of WindowState.java, there is a possible way to bypass tapjacking/overlay protection by launching the activity in portrait mode first and then rotating it to landscape mode.
local
low complexity
google CWE-1021
7.3
2024-07-09 CVE-2024-31325 Unspecified vulnerability in Google Android
In multiple locations, there is a possible way to reveal images across users data due to a logic error in the code.
local
low complexity
google
7.8
2024-07-09 CVE-2024-31326 Unspecified vulnerability in Google Android 14.0
In multiple locations, there is a possible way in which policy migration code will never be executed due to a logic error in the code.
local
low complexity
google
7.8
2024-07-09 CVE-2024-31327 Race Condition vulnerability in Google Android
In multiple functions of MessageQueueBase.h, there is a possible out of bounds write due to a race condition.
local
high complexity
google CWE-362
7.0
2024-07-09 CVE-2024-31331 Unspecified vulnerability in Google Android
In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code.
local
low complexity
google
7.3
2024-07-09 CVE-2024-31332 Missing Authorization vulnerability in Google Android 13.0/14.0
In multiple locations, there is a possible way to bypass a restriction on adding new Wi-Fi connections due to a missing permission check.
local
low complexity
google CWE-862
7.8
2024-07-09 CVE-2024-31334 Unspecified vulnerability in Google Android
In DevmemIntFreeDefBackingPage of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code.
local
low complexity
google
7.8
2024-07-09 CVE-2024-31335 Unspecified vulnerability in Google Android
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code.
local
low complexity
google
7.8
2024-07-09 CVE-2024-31339 Use After Free vulnerability in Google Android
In multiple functions of StatsService.cpp, there is a possible memory corruption due to a use after free.
local
low complexity
google CWE-416
7.8