Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-0981 | Unspecified vulnerability in Google Android 10.0/11.0 In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run a foreground service without showing a notification due to improper input validation. | 7.8 |
| 2021-12-15 | CVE-2021-0984 | Improper Resource Shutdown or Release vulnerability in Google Android 12.0 In onNullBinding of ManagedServices.java, there is a possible permission bypass due to an incorrectly unbound service. | 7.8 |
| 2021-12-15 | CVE-2021-0985 | Missing Authorization vulnerability in Google Android 12.0 In onReceive of AlertReceiver.java, there is a possible way to dismiss system dialog due to a missing permission check. | 7.8 |
| 2021-12-15 | CVE-2021-0999 | Missing Authorization vulnerability in Google Android 12.0 In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP bluetooth device connection state due to a missing permission check. | 7.8 |
| 2021-12-15 | CVE-2021-1002 | Out-of-bounds Read vulnerability in Google Android 12.0 In WT_Interpolate of eas_wtengine.c, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
| 2021-12-15 | CVE-2021-1003 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 12.0 In adjustStreamVolume of AudioService.java, there is a possible way for unprivileged app to change audio stream volume due to a confused deputy. | 7.8 |
| 2021-12-15 | CVE-2021-1004 | Missing Authorization vulnerability in Google Android 12.0 In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. | 7.8 |
| 2021-12-15 | CVE-2021-1016 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. | 7.3 |
| 2021-12-15 | CVE-2021-1017 | Missing Authorization vulnerability in Google Android 12.0 In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to disable bluetooth connection due to a missing permission check. | 7.8 |
| 2021-12-15 | CVE-2021-1019 | Unspecified vulnerability in Google Android 12.0 In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. | 7.3 |