Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2022-20111 Improper Handling of Exceptional Conditions vulnerability in Google Android
In ion, there is a possible use after free due to incorrect error handling.
local
low complexity
google CWE-755
8.4
8.4
2022-05-03 CVE-2022-21743 Integer Overflow or Wraparound vulnerability in Google Android
In ion, there is a possible use after free due to an integer overflow.
local
low complexity
google CWE-190
7.8
7.8
2022-05-03 CVE-2022-20084 Missing Authorization vulnerability in Google Android 10.0/11.0/12.0
In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2022-05-03 CVE-2022-20088 Improper Handling of Exceptional Conditions vulnerability in Google Android 11.0/12.0
In aee driver, there is a possible reference count mistake due to incorrect error handling.
local
low complexity
google CWE-755
7.8
7.8
2022-05-03 CVE-2022-20093 Missing Authorization vulnerability in Google Android 10.0/11.0/12.0
In telephony, there is a possible way to disable receiving SMS messages due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2022-05-03 CVE-2022-20099 Out-of-bounds Write vulnerability in Google Android 11.0/12.0
In aee daemon, there is a possible out of bounds write due to improper input validation.
local
low complexity
google CWE-787
7.8
7.8
2022-05-03 CVE-2022-20109 Unspecified vulnerability in Google Android
In ion, there is a possible use after free due to improper update of reference count.
local
low complexity
google
7.8
7.8
2022-05-03 CVE-2022-20110 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android
In ion, there is a possible use after free due to a race condition.
local
high complexity
google CWE-367
7.0
7.0
2022-05-03 CVE-2022-28783 Improper Input Validation vulnerability in Google Android 10.0/11.0/12.0
Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission.
local
low complexity
google CWE-20
7.1
7.1
2022-04-12 CVE-2021-0694 Incorrect Authorization vulnerability in Google Android 11.0
In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a background application to regain foreground permissions due to insufficient background restrictions.
local
low complexity
google CWE-863
7.8
7.8