Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-20485 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2022-12-13 | CVE-2022-20486 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2022-12-13 | CVE-2022-20487 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2022-12-13 | CVE-2022-20488 | Improper Validation of Specified Quantity in Input vulnerability in Google Android In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2022-12-13 | CVE-2022-20491 | Improper Validation of Specified Quantity in Input vulnerability in Google Android In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2022-12-13 | CVE-2022-20495 | Unspecified vulnerability in Google Android In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. | 7.8 |
| 2022-12-13 | CVE-2022-20501 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. | 7.3 |
| 2022-12-13 | CVE-2022-20611 | Incorrect Default Permissions vulnerability in Google Android In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. | 7.8 |
| 2022-12-08 | CVE-2022-39907 | Integer Overflow or Wraparound vulnerability in Google Android Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | 7.8 |
| 2022-12-08 | CVE-2022-39908 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | 7.4 |