Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-19 | CVE-2023-21097 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. | 7.8 |
| 2023-04-19 | CVE-2023-21098 | Unspecified vulnerability in Google Android In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. | 7.8 |
| 2023-04-19 | CVE-2023-21099 | Unspecified vulnerability in Google Android In multiple methods of PackageInstallerSession.java, there is a possible way to start foreground services from the background due to a logic error in the code. | 7.8 |
| 2023-04-19 | CVE-2023-21100 | Out-of-bounds Write vulnerability in Google Android 12.0/12.1/13.0 In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. | 7.8 |
| 2023-04-11 | CVE-2022-47338 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0 In telecom service, there is a missing permission check. | 7.1 |
| 2023-04-06 | CVE-2023-20655 | Improper Privilege Management vulnerability in Google Android In mmsdk, there is a possible escalation of privilege due to a parcel format mismatch. | 7.8 |
| 2023-03-24 | CVE-2022-20542 | Improper Input Validation vulnerability in Google Android 13.0 In parseParamsBlob of types.cpp, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2023-03-24 | CVE-2023-20906 | Unspecified vulnerability in Google Android In onPackageAddedInternal of PermissionManagerService.java, there is a possible way to silently grant a permission after a Target SDK update due to a permissions bypass. | 7.8 |
| 2023-03-24 | CVE-2023-20911 | Resource Exhaustion vulnerability in Google Android In addPermission of PermissionManagerServiceImpl.java , there is a possible failure to persist permission settings due to resource exhaustion. | 7.8 |
| 2023-03-24 | CVE-2023-20917 | Unspecified vulnerability in Google Android In onTargetSelected of ResolverActivity.java, there is a possible way to share a wrong file due to a logic error in the code. | 7.8 |