Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-30 CVE-2023-21397 Unspecified vulnerability in Google Android
In Setup Wizard, there is a possible way to save a WiFi network due to an insecure default value.
local
low complexity
google
7.8
2023-10-30 CVE-2023-21398 Unspecified vulnerability in Google Android
In sdksandbox, there is a possible strandhogg style overlay attack due to a logic error in the code.
local
low complexity
google
7.8
2023-10-30 CVE-2023-45780 Unspecified vulnerability in Google Android
In Print Service, there is a possible background activity launch due to a logic error in the code.
local
low complexity
google
7.3
2023-10-30 CVE-2021-39810 Missing Authorization vulnerability in Google Android
In NFC, there is a possible way to setup a default contactless payment app without user consent due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-10-30 CVE-2023-21298 Information Exposure Through Discrepancy vulnerability in Google Android
In Slice, there is a possible disclosure of installed applications due to side channel information disclosure.
local
low complexity
google CWE-203
7.8
2023-10-30 CVE-2023-21313 Missing Authorization vulnerability in Google Android
In Core, there is a possible way to forward calls without user knowledge due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-10-30 CVE-2023-21324 Information Exposure Through Discrepancy vulnerability in Google Android
In Package Installer, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
7.8
2023-10-30 CVE-2023-21328 Missing Authorization vulnerability in Google Android
In Package Installer, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-10-30 CVE-2023-21337 Information Exposure Through Discrepancy vulnerability in Google Android
In InputMethod, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
7.8
2023-10-30 CVE-2023-21339 Unspecified vulnerability in Google Android
In Minikin, there is a possible way to trigger ANR by showing a malicious message due to resource exhaustion.
network
low complexity
google
7.5