Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-06 | CVE-2022-21757 | Improper Validation of Integrity Check Value vulnerability in Google Android 11.0/12.0 In WIFI Firmware, there is a possible system crash due to a missing count check. | 7.5 |
| 2022-05-10 | CVE-2021-39738 | Missing Authorization vulnerability in Google Android In CarSetings, there is a possible to pair BT device bypassing user's consent due to a missing permission check. | 7.8 |
| 2022-05-10 | CVE-2022-20118 | Use After Free vulnerability in Google Android In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. | 7.0 |
| 2022-05-10 | CVE-2022-20004 | Missing Authorization vulnerability in Google Android In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. | 7.8 |
| 2022-05-10 | CVE-2022-20005 | Unspecified vulnerability in Google Android In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK . | 7.8 |
| 2022-05-10 | CVE-2022-20006 | Race Condition vulnerability in Google Android In several functions of KeyguardServiceWrapper.java and related files,, there is a possible way to briefly view what's under the lockscreen due to a race condition. | 7.0 |
| 2022-05-10 | CVE-2022-20007 | Race Condition vulnerability in Google Android In startActivityForAttachedApplicationIfNeeded of RootWindowContainer.java, there is a possible way to overlay an app that believes it's still in the foreground, when it is not, due to a race condition. | 7.0 |
| 2022-05-10 | CVE-2022-20113 | Unspecified vulnerability in Google Android 12.0/12.1 In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. | 7.8 |
| 2022-05-10 | CVE-2022-20114 | Improper Privilege Management vulnerability in Google Android In placeCall of TelecomManager.java, there is a possible way for an application to keep itself running with foreground service importance due to a permissions bypass. | 7.8 |
| 2022-05-10 | CVE-2022-20116 | Unspecified vulnerability in Google Android 12.0/12.1 In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. | 7.8 |