Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-14 | CVE-2021-0600 | Improper Input Validation vulnerability in Google Android In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. | 7.8 |
| 2021-07-14 | CVE-2021-0602 | Information Exposure vulnerability in Google Android 10.0/11.0 In onCreateOptionsMenu of WifiNetworkDetailsFragment.java, there is a possible way for guest users to view and modify Wi-Fi settings for all configured APs due to a permissions bypass. | 7.8 |
| 2021-07-14 | CVE-2021-0603 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack. | 7.8 |
| 2021-07-08 | CVE-2021-25426 | Unspecified vulnerability in Google Android 10.0/11.0/9.0 Improper component protection vulnerability in SmsViewerActivity of Samsung Message prior to SMR July-2021 Release 1 allows untrusted applications to access Message files. | 7.5 |
| 2021-07-08 | CVE-2021-25428 | Improper Privilege Management vulnerability in Google Android Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances. | 7.8 |
| 2021-06-22 | CVE-2021-0536 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 11.0 In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. | 7.8 |
| 2021-06-22 | CVE-2021-0537 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0 configuration due to a tapjacking/overlay attack. | 7.3 |
| 2021-06-22 | CVE-2021-0538 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. | 7.3 |
| 2021-06-22 | CVE-2021-0539 | Missing Authorization vulnerability in Google Android 11.0 In archiveStoredConversation of MmsService.java, there is a possible way to archive message conversation without user consent due to a missing permission check. | 7.8 |
| 2021-06-22 | CVE-2021-0547 | Missing Authorization vulnerability in Google Android 11.0 In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker-controlled value to a GPS HAL handler due to a missing permission check. | 7.8 |