Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2021-39668 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 11.0/12.0 In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. | 7.8 |
| 2022-02-11 | CVE-2021-39669 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0/12.0 In onCreate of InstallCaCertificateWarning.java, there is a possible way to mislead an user about CA installation circumstances due to a tapjacking/overlay attack. | 7.8 |
| 2022-02-11 | CVE-2021-39672 | Unspecified vulnerability in Google Android In fastboot, there is a possible secure boot bypass due to a configuration error. | 7.8 |
| 2022-02-11 | CVE-2021-39674 | Use After Free vulnerability in Google Android 10.0/11.0/12.0 In btm_sec_connected and btm_sec_disconnected of btm_sec.cc file , there is a possible use after free. | 7.8 |
| 2022-02-11 | CVE-2021-39676 | Improper Input Validation vulnerability in Google Android 11.0 In writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. | 7.8 |
| 2022-02-11 | CVE-2021-39677 | Out-of-bounds Read vulnerability in Google Android 11.0 In startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size.Product: AndroidVersions: Android-11Android ID: A-205097028 | 7.5 |
| 2022-02-11 | CVE-2022-22292 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Unprotected dynamic receiver in Telecom prior to SMR Feb-2022 Release 1 allows untrusted applications to launch arbitrary activity. | 7.8 |
| 2022-02-11 | CVE-2022-23427 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent. | 7.1 |
| 2022-02-11 | CVE-2022-23428 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0 An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | 7.8 |
| 2022-02-09 | CVE-2022-20024 | Missing Authorization vulnerability in Google Android 11.0/12.0 In system service, there is a possible permission bypass due to a missing permission check. | 7.8 |