Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-14 | CVE-2021-0959 | Unspecified vulnerability in Google Android 12.0 In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error in the code. | 7.8 |
| 2022-01-14 | CVE-2021-1035 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 10.0/12.0 In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. | 7.8 |
| 2022-01-14 | CVE-2021-1036 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 7.8 |
| 2022-01-14 | CVE-2021-39618 | Unspecified vulnerability in Google Android In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent. | 7.8 |
| 2022-01-14 | CVE-2021-39620 | Use After Free vulnerability in Google Android 11.0/12.0 In ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free. | 7.8 |
| 2022-01-14 | CVE-2021-39621 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. | 7.8 |
| 2022-01-14 | CVE-2021-39622 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission check. | 7.8 |
| 2022-01-14 | CVE-2021-39625 | Unspecified vulnerability in Google Android In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. | 7.3 |
| 2022-01-14 | CVE-2021-39626 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. | 7.8 |
| 2022-01-14 | CVE-2021-39627 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. | 7.8 |