Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-14 CVE-2021-39618 Unspecified vulnerability in Google Android
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent.
local
low complexity
google
7.8
2022-01-14 CVE-2021-39620 Use After Free vulnerability in Google Android 11.0/12.0
In ipcSetDataReference of Parcel.cpp, there is a possible way to corrupt memory due to a use after free.
local
low complexity
google CWE-416
7.8
2022-01-14 CVE-2021-39621 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent.
local
low complexity
google CWE-732
7.8
2022-01-14 CVE-2021-39622 Missing Authorization vulnerability in Google Android 10.0/11.0/12.0
In GBoard, there is a possible way to bypass Factory Reset Protection due to a missing permission check.
local
low complexity
google CWE-862
7.8
2022-01-14 CVE-2021-39625 Unspecified vulnerability in Google Android
In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent.
local
low complexity
google
7.3
2022-01-14 CVE-2021-39626 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy.
local
low complexity
google CWE-610
7.8
2022-01-14 CVE-2021-39627 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent.
local
low complexity
google CWE-732
7.8
2022-01-14 CVE-2021-39629 Use After Free vulnerability in Google Android
In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition.
local
high complexity
google CWE-416
7.0
2022-01-14 CVE-2021-39630 Incorrect Authorization vulnerability in Google Android 12.0
In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass.
local
low complexity
google CWE-863
7.8
2022-01-14 CVE-2021-39632 Out-of-bounds Write vulnerability in Google Android 11.0/12.0
In inotify_cb of events.cpp, there is a possible out of bounds write due to an incorrect bounds check.
local
low complexity
google CWE-787
7.8