Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-06 | CVE-2023-21266 | Unspecified vulnerability in Google Android In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. | 7.8 |
| 2023-10-02 | CVE-2023-32820 | Reachable Assertion vulnerability in multiple products In wlan firmware, there is a possible firmware assertion due to improper input handling. | 7.5 |
| 2023-09-27 | CVE-2023-44122 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 12.0/13.0 The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ("com.lge.lockscreensettings") app in the "com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideActivity.java" file. | 7.8 |
| 2023-09-27 | CVE-2023-44123 | Unspecified vulnerability in Google Android 12.0/13.0 The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth ("com.lge.bluetoothsetting") app. | 7.8 |
| 2023-09-27 | CVE-2023-44125 | Unspecified vulnerability in Google Android 12.0/13.0 The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. | 7.8 |
| 2023-09-11 | CVE-2023-35658 | Use After Free vulnerability in Google Android In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. | 8.8 |
| 2023-09-11 | CVE-2023-35665 | Missing Authorization vulnerability in Google Android In multiple files, there is a possible way to import a contact from another user due to a missing permission check. | 7.8 |
| 2023-09-11 | CVE-2023-35666 | Use After Free vulnerability in Google Android In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. | 7.8 |
| 2023-09-11 | CVE-2023-35667 | Unspecified vulnerability in Google Android In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a logic error in the code. | 7.8 |
| 2023-09-11 | CVE-2023-35669 | Deserialization of Untrusted Data vulnerability in Google Android In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization. | 7.8 |