Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2021-39662 | Missing Authorization vulnerability in Google Android 11.0/12.0 In checkUriPermission of MediaProvider.java , there is a possible way to gain access to the content of media provider collections due to a missing permission check. | 7.2 |
| 2022-02-11 | CVE-2021-39663 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 10.0 In openFileAndEnforcePathPermissionsHelper of MediaProvider.java, there is a possible bypass of a permissions check due to a confused deputy. | 7.2 |
| 2022-02-11 | CVE-2021-39668 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 11.0/12.0 In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. | 7.2 |
| 2022-02-11 | CVE-2021-39672 | Unspecified vulnerability in Google Android In fastboot, there is a possible secure boot bypass due to a configuration error. | 7.2 |
| 2022-02-11 | CVE-2021-39674 | Use After Free vulnerability in Google Android 10.0/11.0/12.0 In btm_sec_connected and btm_sec_disconnected of btm_sec.cc file , there is a possible use after free. | 7.2 |
| 2022-02-11 | CVE-2021-39676 | Improper Input Validation vulnerability in Google Android 11.0 In writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. | 7.8 |
| 2022-02-11 | CVE-2022-23425 | Improper Input Validation vulnerability in Google Android 10.0/11.0/12.0 Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | 7.5 |
| 2022-02-11 | CVE-2022-23428 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0 An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | 7.2 |
| 2022-01-14 | CVE-2021-0959 | Unspecified vulnerability in Google Android 12.0 In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error in the code. | 7.2 |
| 2022-01-14 | CVE-2021-1035 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 10.0/12.0 In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. | 7.2 |