Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-13 CVE-2024-40671 Missing Authorization vulnerability in Google Android
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible way to achieve arbitrary code execution due to a missing permission check.
local
low complexity
google CWE-862
7.8
2024-11-13 CVE-2024-43080 Deserialization of Untrusted Data vulnerability in Google Android
In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization.
local
low complexity
google CWE-502
7.8
2024-11-13 CVE-2024-43081 Unspecified vulnerability in Google Android
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code.
local
low complexity
google
7.8
2024-11-13 CVE-2024-43085 Unspecified vulnerability in Google Android
In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code.
local
low complexity
google
7.8
2024-11-13 CVE-2024-43087 Unspecified vulnerability in Google Android
In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in the accessibility service settings due to a logic error in the code.
local
low complexity
google
7.8
2024-11-13 CVE-2024-43088 Missing Authorization vulnerability in Google Android
In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check.
local
low complexity
google CWE-862
7.8
2024-11-13 CVE-2024-43089 Missing Authorization vulnerability in Google Android
In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check.
local
low complexity
google CWE-862
7.8
2024-11-13 CVE-2024-43093 Unspecified vulnerability in Google Android
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization.
local
low complexity
google
7.8
2024-10-25 CVE-2024-44100 Unspecified vulnerability in Google Android
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the modem component, A-299774545.
network
low complexity
google
7.5
2024-10-25 CVE-2024-44101 NULL Pointer Dereference vulnerability in Google Android
there is a possible Null Pointer Dereference (modem crash) due to improper input validation.
network
low complexity
google CWE-476
7.5