Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-19 | CVE-2023-20967 | Out-of-bounds Write vulnerability in Google Android In avdt_scb_hdl_pkt_no_frag of avdt_scb_act.cc, there is a possible out of bounds write due to an incorrect bounds check. | 7.8 |
| 2023-04-19 | CVE-2023-21081 | Unspecified vulnerability in Google Android In multiple functions of PackageInstallerService.java and related files, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. | 7.8 |
| 2023-04-19 | CVE-2023-21083 | Unspecified vulnerability in Google Android In onNullBinding of CallScreeningServiceHelper.java, there is a possible way to record audio without showing a privacy indicator due to a permissions bypass. | 7.8 |
| 2023-04-19 | CVE-2023-21085 | Out-of-bounds Write vulnerability in Google Android In nci_snd_set_routing_cmd of nci_hmsgs.cc, there is a possible out of bounds write due to a missing bounds check. | 8.8 |
| 2023-04-19 | CVE-2023-21086 | Unspecified vulnerability in Google Android In isToggleable of SecureNfcEnabler.java and SecureNfcPreferenceController.java, there is a possible way to enable NFC from a secondary account due to a permissions bypass. | 7.8 |
| 2023-04-19 | CVE-2023-21088 | Unspecified vulnerability in Google Android 12.0/12.1/13.0 In deliverOnFlushComplete of LocationProviderManager.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. | 7.8 |
| 2023-04-19 | CVE-2023-21089 | Unspecified vulnerability in Google Android In startInstrumentation of ActivityManagerService.java, there is a possible way to keep the foreground service alive while the app is in the background. | 7.8 |
| 2023-04-19 | CVE-2023-21092 | Unspecified vulnerability in Google Android In retrieveServiceLocked of ActiveServices.java, there is a possible way to dynamically register a BroadcastReceiver using permissions of System App due to improper input validation. | 7.8 |
| 2023-04-19 | CVE-2023-21093 | Path Traversal vulnerability in Google Android In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. | 7.8 |
| 2023-04-19 | CVE-2023-21094 | Missing Authorization vulnerability in Google Android In sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permission check. | 7.8 |