Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-0933 | Improper Encoding or Escaping of Output vulnerability in Google Android In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. | 8.0 |
| 2021-12-15 | CVE-2021-0953 | Improper Preservation of Permissions vulnerability in Google Android In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. | 7.2 |
| 2021-12-15 | CVE-2021-0970 | Deserialization of Untrusted Data vulnerability in Google Android In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch. | 7.2 |
| 2021-12-15 | CVE-2021-0981 | Unspecified vulnerability in Google Android 10.0/11.0 In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run a foreground service without showing a notification due to improper input validation. | 7.8 |
| 2021-12-15 | CVE-2021-0984 | Improper Resource Shutdown or Release vulnerability in Google Android 12.0 In onNullBinding of ManagedServices.java, there is a possible permission bypass due to an incorrectly unbound service. | 7.8 |
| 2021-12-15 | CVE-2021-1040 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a tapjacking/overlay attack. | 7.2 |
| 2021-12-15 | CVE-2021-1044 | Out-of-bounds Write vulnerability in Google Android In eicOpsDecryptAes128Gcm of acropora/app/identity/identity_support.c, there is a possible out of bounds write due to a missing bounds check. | 7.2 |
| 2021-12-15 | CVE-2021-1045 | Unspecified vulnerability in Google Android Product: AndroidVersions: Android kernelAndroid ID: A-195580473References: N/A | 7.5 |
| 2021-12-15 | CVE-2021-1048 | Use After Free vulnerability in Google Android In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. | 7.2 |
| 2021-12-15 | CVE-2021-39639 | Missing Authorization vulnerability in Google Android In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check. | 7.2 |