Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-16 | CVE-2022-20503 | Missing Authorization vulnerability in Google Android 13.0 In onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permission check. | 7.8 |
| 2022-12-16 | CVE-2022-20506 | Missing Authorization vulnerability in Google Android 13.0 In onCreate of WifiDialogActivity.java, there is a missing permission check. | 7.8 |
| 2022-12-16 | CVE-2022-20507 | Improper Input Validation vulnerability in Google Android 13.0 In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. | 7.8 |
| 2022-12-16 | CVE-2022-20508 | Missing Authorization vulnerability in Google Android 13.0 In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. | 7.8 |
| 2022-12-16 | CVE-2022-20512 | Improper Input Validation vulnerability in Google Android 13.0 In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. | 7.8 |
| 2022-12-16 | CVE-2022-20516 | Integer Underflow (Wrap or Wraparound) vulnerability in Google Android 13.0 In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out of bounds read due to an integer overflow. | 7.5 |
| 2022-12-16 | CVE-2022-20520 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 13.0 In onCreate of various files, there is a possible tapjacking/overlay attack. | 7.8 |
| 2022-12-16 | CVE-2022-20522 | Missing Authorization vulnerability in Google Android 13.0 In getSlice of ProviderModelSlice.java, there is a missing permission check. | 7.8 |
| 2022-12-16 | CVE-2022-20524 | Use After Free vulnerability in Google Android 13.0 In compose of Vibrator.cpp, there is a possible arbitrary code execution due to a use after free. | 7.8 |
| 2022-12-16 | CVE-2022-20540 | Use After Free vulnerability in Google Android 13.0 In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. | 7.8 |