Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-11 | CVE-2024-23717 | Unspecified vulnerability in Google Android In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve keystroke injection due to improper input validation. low complexity google | 8.8 |
| 2024-02-16 | CVE-2024-0018 | Out-of-bounds Write vulnerability in Google Android In convertYUV420Planar16ToY410 of ColorConverter.cpp, there is a possible out of bounds write due to a heap buffer overflow. | 7.8 |
| 2024-02-16 | CVE-2024-0021 | Unspecified vulnerability in Google Android 13.0/14.0 In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way for an app in the work profile to enable notification listener services due to a logic error in the code. | 7.8 |
| 2024-02-16 | CVE-2024-0023 | Out-of-bounds Write vulnerability in Google Android In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. | 7.8 |
| 2024-02-16 | CVE-2023-21165 | Use After Free vulnerability in Google Android In DevmemIntUnmapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. | 7.8 |
| 2024-02-16 | CVE-2024-0015 | Unspecified vulnerability in Google Android In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. | 7.8 |
| 2024-02-16 | CVE-2024-0014 | Unspecified vulnerability in Google Android In startInstall of UpdateFetcher.java, there is a possible way to trigger a malicious config update due to a logic error. | 7.8 |
| 2024-02-16 | CVE-2024-0029 | Unspecified vulnerability in Google Android 13.0 In multiple files, there is a possible way to capture the device screen when disallowed by device policy due to a logic error in the code. | 7.8 |
| 2024-02-16 | CVE-2024-0033 | Out-of-bounds Write vulnerability in Google Android In multiple functions of ashmem-dev.cpp, there is a possible missing seal due to a heap buffer overflow. | 7.8 |
| 2024-02-16 | CVE-2024-0034 | Unspecified vulnerability in Google Android In BackgroundLaunchProcessController, there is a possible way to launch arbitrary activity from the background due to BAL Bypass. | 7.8 |