Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-0932 | Unspecified vulnerability in Google Android 10.0 In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent. | 7.8 |
| 2021-12-15 | CVE-2021-0933 | Improper Encoding or Escaping of Output vulnerability in Google Android In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. | 8.0 |
| 2021-12-15 | CVE-2021-0953 | Improper Preservation of Permissions vulnerability in Google Android In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. | 7.8 |
| 2021-12-15 | CVE-2021-0954 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0 In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. | 7.3 |
| 2021-12-15 | CVE-2021-0955 | Race Condition vulnerability in Google Android 11.0 In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. | 7.0 |
| 2021-12-15 | CVE-2021-0963 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. | 7.1 |
| 2021-12-15 | CVE-2021-0965 | Missing Authorization vulnerability in Google Android In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user's consent due to a missing permission check. | 8.8 |
| 2021-12-15 | CVE-2021-0967 | Out-of-bounds Write vulnerability in Google Android In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check. | 8.8 |
| 2021-12-15 | CVE-2021-0968 | Integer Overflow or Wraparound vulnerability in Google Android In osi_malloc and osi_calloc of allocator.cc, there is a possible out of bounds write due to an integer overflow. | 8.8 |
| 2021-12-15 | CVE-2021-0970 | Deserialization of Untrusted Data vulnerability in Google Android In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch. | 7.8 |