Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-13 CVE-2024-43089 Missing Authorization vulnerability in Google Android
In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check.
local
low complexity
google CWE-862
7.8
2024-11-13 CVE-2024-43093 Unspecified vulnerability in Google Android
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization.
local
low complexity
google
7.8
2024-10-25 CVE-2024-44100 Unspecified vulnerability in Google Android
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545.
network
low complexity
google
7.5
2024-10-25 CVE-2024-44101 NULL Pointer Dereference vulnerability in Google Android
there is a possible Null Pointer Dereference (modem crash) due to improper input validation.
network
low complexity
google CWE-476
7.5
2024-10-25 CVE-2024-47012 Out-of-bounds Write vulnerability in Google Android
In mm_GetMobileIdIndexForNsUpdate of mm_GmmPduCodec.c, there is a possible out of bounds write due to an incorrect bounds check.
local
low complexity
google CWE-787
7.8
2024-10-25 CVE-2024-47017 Use After Free vulnerability in Google Android
In ufshc_scsi_cmd of ufs.c, there is a possible stack variable use after free due to a use after free.
local
low complexity
google CWE-416
7.8
2024-10-25 CVE-2024-47020 Unspecified vulnerability in Google Android
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ABL component, A-331966488.
network
low complexity
google
7.5
2024-10-25 CVE-2024-47021 Out-of-bounds Read vulnerability in Google Android
In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
2024-10-25 CVE-2024-47022 Unspecified vulnerability in Google Android
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-331255656.
network
low complexity
google
7.5
2024-10-25 CVE-2024-47023 Unspecified vulnerability in Google Android
there is a possible man-in-the-middle attack due to a logic error in the code.
network
high complexity
google
8.1