Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-28 | CVE-2023-20944 | Deserialization of Untrusted Data vulnerability in Google Android In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. | 7.8 |
| 2023-02-28 | CVE-2023-20945 | Out-of-bounds Write vulnerability in Google Android 10.0 In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2023-02-28 | CVE-2023-20948 | Out-of-bounds Read vulnerability in Google Android 12.0/12.1/13.0 In dropFramesUntilIframe of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. | 7.5 |
| 2023-02-15 | CVE-2023-20927 | Unspecified vulnerability in Google Android 13.0 In permissions of AndroidManifest.xml, there is a possible way to grant signature permissions due to a permissions bypass. | 7.8 |
| 2023-02-12 | CVE-2022-47361 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In firewall service, there is a missing permission check. | 7.8 |
| 2023-02-09 | CVE-2023-21419 | Unspecified vulnerability in Google Android 12.0 An improper implementation logic in Secure Folder prior to SMR Jan-2023 Release 1 allows the Secure Folder container remain unlocked under certain condition. | 7.5 |
| 2023-01-26 | CVE-2023-20904 | Unspecified vulnerability in Google Android 12.1/13.0 In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. | 7.8 |
| 2023-01-26 | CVE-2023-20905 | Out-of-bounds Write vulnerability in Google Android 10.0 In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2023-01-26 | CVE-2023-20912 | Missing Authorization vulnerability in Google Android 13.0 In onActivityResult of AvatarPickerActivity.java, there is a possible way to access images belonging to other users due to a missing permission check. | 7.8 |
| 2023-01-26 | CVE-2023-20913 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. | 7.8 |