Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2020-0030 | Use After Free vulnerability in Google Android In binder_thread_release of binder.c, there is a possible use after free due to a race condition. | 7.0 |
| 2020-02-13 | CVE-2020-0027 | Out-of-bounds Write vulnerability in Google Android In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. | 7.8 |
| 2020-02-13 | CVE-2020-0026 | Use After Free vulnerability in Google Android In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. | 7.8 |
| 2020-02-13 | CVE-2020-0022 | Incorrect Calculation vulnerability in multiple products In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. | 8.8 |
| 2020-02-13 | CVE-2020-0015 | Unspecified vulnerability in Google Android In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. | 7.8 |
| 2020-02-13 | CVE-2019-2200 | Incorrect Default Permissions vulnerability in Google Android 10.0 In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. | 7.3 |
| 2020-02-12 | CVE-2011-3901 | Information Exposure vulnerability in Google Android 2.3.7 Android SQLite Journal before 4.0.1 has an information disclosure vulnerability. | 7.5 |
| 2020-02-07 | CVE-2014-7224 | Improper Input Validation vulnerability in Google Android A Code Execution vulnerability exists in Android prior to 4.4.0 related to the addJavascriptInterface method and the accessibility and accessibilityTraversal objects, which could let a remote malicious user execute arbitrary code. | 8.8 |
| 2020-02-05 | CVE-2019-11516 | Out-of-bounds Write vulnerability in Google Android An issue was discovered in the Bluetooth component of the Cypress (formerly owned by Broadcom) Wireless IoT codebase. | 8.1 |
| 2020-02-04 | CVE-2019-19273 | Out-of-bounds Write vulnerability in multiple products On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. | 7.8 |