Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2023-03-24 CVE-2023-21000 Improper Locking vulnerability in Google Android 13.0
In MediaCodec.cpp, there is a possible use after free due to improper locking.
local
low complexity
google CWE-667
7.8
7.8
2023-03-24 CVE-2023-21001 Missing Authorization vulnerability in Google Android 13.0
In onContextItemSelected of NetworkProviderSettings.java, there is a possible way for users to change the Wi-Fi settings of other users due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2023-03-24 CVE-2023-21002 Missing Authorization vulnerability in Google Android 13.0
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2023-03-24 CVE-2023-21003 Missing Authorization vulnerability in Google Android 13.0
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2023-03-24 CVE-2023-21004 Missing Authorization vulnerability in Google Android 13.0
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2023-03-24 CVE-2023-21005 Missing Authorization vulnerability in Google Android 13.0
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2023-03-24 CVE-2023-21015 Missing Authorization vulnerability in Google Android 13.0
In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2023-03-24 CVE-2023-21017 Unspecified vulnerability in Google Android 13.0
In InstallStart of InstallStart.java, there is a possible way to change the installer package name due to an improper input validation.
local
low complexity
google
7.8
7.8
2023-03-24 CVE-2023-21021 Missing Authorization vulnerability in Google Android 13.0
In isTargetSdkLessThanQOrPrivileged of WifiServiceImpl.java, there is a possible way for the guest user to change admin user network settings due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2023-03-24 CVE-2023-21022 Out-of-bounds Write vulnerability in Google Android 13.0
In BufferBlock of Suballocation.cpp, there is a possible out of bounds write due to memory corruption.
local
low complexity
google CWE-787
7.8
7.8