Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-13 | CVE-2024-43085 | Unspecified vulnerability in Google Android In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code. | 7.8 |
| 2024-11-13 | CVE-2024-43087 | Unspecified vulnerability in Google Android In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in the accessibility service settings due to a logic error in the code. | 7.8 |
| 2024-11-13 | CVE-2024-43088 | Missing Authorization vulnerability in Google Android In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-43089 | Missing Authorization vulnerability in Google Android In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. | 7.8 |
| 2024-11-13 | CVE-2024-43093 | Unspecified vulnerability in Google Android In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. | 7.8 |
| 2024-10-25 | CVE-2024-44100 | Unspecified vulnerability in Google Android Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545. | 7.5 |
| 2024-10-25 | CVE-2024-44101 | NULL Pointer Dereference vulnerability in Google Android there is a possible Null Pointer Dereference (modem crash) due to improper input validation. | 7.5 |
| 2024-10-25 | CVE-2024-47012 | Out-of-bounds Write vulnerability in Google Android In mm_GetMobileIdIndexForNsUpdate of mm_GmmPduCodec.c, there is a possible out of bounds write due to an incorrect bounds check. | 7.8 |
| 2024-10-25 | CVE-2024-47017 | Use After Free vulnerability in Google Android In ufshc_scsi_cmd of ufs.c, there is a possible stack variable use after free due to a use after free. | 7.8 |
| 2024-10-25 | CVE-2024-47020 | Unspecified vulnerability in Google Android Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ABL component, A-331966488. | 7.5 |