Vulnerabilities > Google > Android > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-0996 | Out-of-bounds Read vulnerability in Google Android 12.0 In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. | 2.7 |
| 2021-12-15 | CVE-2021-0995 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 2.1 |
| 2021-12-15 | CVE-2021-0994 | Missing Authorization vulnerability in Google Android 12.0 In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. | 2.1 |
| 2021-12-15 | CVE-2021-0992 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app without user consent due to tapjack overlay. | 1.9 |
| 2021-12-15 | CVE-2021-0991 | Information Exposure Through Log Files vulnerability in Google Android 12.0 In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. | 2.7 |
| 2021-12-15 | CVE-2021-0990 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 2.1 |
| 2021-12-15 | CVE-2021-0989 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 2.1 |
| 2021-12-15 | CVE-2021-0988 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 2.1 |
| 2021-12-15 | CVE-2021-0987 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 2.1 |
| 2021-12-15 | CVE-2021-0983 | Information Exposure vulnerability in Google Android 12.1 In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure. | 3.3 |