Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-04 CVE-2023-40084 Use After Free vulnerability in Google Android
In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free.
local
low complexity
google CWE-416
7.8
2023-12-04 CVE-2023-40087 Out-of-bounds Write vulnerability in Google Android
In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possible out of bounds write due to a missing bounds check.
low complexity
google CWE-787
8.8
2023-12-04 CVE-2023-40088 Use After Free vulnerability in Google Android
In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible memory corruption due to a use after free.
low complexity
google CWE-416
8.8
2023-12-04 CVE-2023-40089 Missing Authorization vulnerability in Google Android 14.0
In getCredentialManagerPolicy of DevicePolicyManagerService.java, there is a possible method for users to select credential managers without permission due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-12-04 CVE-2023-40091 Out-of-bounds Write vulnerability in Google Android
In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption.
local
low complexity
google CWE-787
7.8
2023-12-04 CVE-2023-40094 Missing Authorization vulnerability in Google Android
In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check.
local
low complexity
google CWE-862
7.8
2023-12-04 CVE-2023-40095 Unspecified vulnerability in Google Android
In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, there is a possible background activity launch due to a missing check.
local
low complexity
google
7.8
2023-12-04 CVE-2023-40096 Unspecified vulnerability in Google Android
In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is a possible way to record audio from the background due to a missing flag.
local
low complexity
google
7.8
2023-12-04 CVE-2023-40097 Improper Input Validation vulnerability in Google Android
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation.
local
low complexity
google CWE-20
7.8
2023-12-04 CVE-2023-40103 Double Free vulnerability in Google Android 14.0
In multiple locations, there is a possible way to corrupt memory due to a double free.
local
low complexity
google CWE-415
7.8