Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-15 | CVE-2022-20124 | Unspecified vulnerability in Google Android In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. | 7.8 |
| 2022-06-15 | CVE-2022-20126 | Missing Authorization vulnerability in Google Android In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. | 7.3 |
| 2022-06-15 | CVE-2022-20131 | Out-of-bounds Read vulnerability in Google Android In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
| 2022-06-15 | CVE-2022-20133 | Missing Authorization vulnerability in Google Android In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. | 7.8 |
| 2022-06-15 | CVE-2022-20134 | Improper Input Validation vulnerability in Google Android In readArguments of CallSubjectDialog.java, there is a possible way to trick the user to call the wrong phone number due to improper input validation. | 7.8 |
| 2022-06-15 | CVE-2022-20135 | Unspecified vulnerability in Google Android In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. | 7.8 |
| 2022-06-15 | CVE-2022-20137 | Missing Authorization vulnerability in Google Android 12.0/12.1 In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. | 7.3 |
| 2022-06-07 | CVE-2022-30717 | Unspecified vulnerability in Google Android 10.0/11.0 Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink. | 7.5 |
| 2022-06-07 | CVE-2022-30726 | Unspecified vulnerability in Google Android 12.0 Unprotected component vulnerability in DeviceSearchTrampoline in SecSettingsIntelligence prior to SMR Jun-2022 Release 1 allows local attackers to launch activities of SecSettingsIntelligence. | 7.8 |
| 2022-06-06 | CVE-2022-21745 | Use After Free vulnerability in Google Android 10.0/11.0/12.0 In WIFI Firmware, there is a possible memory corruption due to a use after free. | 8.8 |