Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-21269 | Improper Privilege Management vulnerability in Google Android 13.0 In startActivityInner of ActivityStarter.java, there is a possible way to launch an activity into PiP mode from the background due to BAL bypass. | 7.8 |
| 2023-08-07 | CVE-2023-33913 | Out-of-bounds Write vulnerability in Google Android 11.0/12.0 In DRM/oemcrypto, there is a possible out of bounds write due to an incorrect calculation of buffer size.This could lead to remote escalation of privilege with System execution privileges needed | 7.2 |
| 2023-07-14 | CVE-2023-35692 | Unspecified vulnerability in Google Android In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. | 7.8 |
| 2023-07-13 | CVE-2023-21145 | Unspecified vulnerability in Google Android In updatePictureInPictureMode of ActivityRecord.java, there is a possible bypass of background launch restrictions due to a logic error in the code. | 7.8 |
| 2023-07-13 | CVE-2023-21241 | Integer Overflow or Wraparound vulnerability in Google Android In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. | 7.8 |
| 2023-07-13 | CVE-2023-21245 | Unspecified vulnerability in Google Android In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a possible way to access the lock screen during device setup due to a logic error in the code. | 7.8 |
| 2023-07-13 | CVE-2023-21247 | Missing Authorization vulnerability in Google Android 12.0/12.1/13.0 In getAvailabilityStatus of BluetoothScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. | 7.8 |
| 2023-07-13 | CVE-2023-21248 | Missing Authorization vulnerability in Google Android 12.0/12.1/13.0 In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. | 7.8 |
| 2023-07-13 | CVE-2023-21251 | Improper Input Validation vulnerability in Google Android In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. | 7.3 |
| 2023-07-13 | CVE-2023-21254 | Unspecified vulnerability in Google Android 13.0 In getCurrentState of OneTimePermissionUserManager.java, there is a possible way to hold one-time permissions after the app is being killed due to a logic error in the code. | 7.8 |