Vulnerabilities > Google > Android > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-08 CVE-2023-48415 Out-of-bounds Read vulnerability in Google Android
In Init of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
5.5
2023-12-08 CVE-2023-48420 Race Condition vulnerability in Google Android
there is a possible use after free due to a race condition.
local
high complexity
google CWE-362
6.4
2023-12-08 CVE-2023-48422 Out-of-bounds Read vulnerability in Google Android
In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
5.5
2023-12-08 CVE-2023-45866 Improper Authentication vulnerability in multiple products
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access.
6.3
2023-12-04 CVE-2023-35668 Unspecified vulnerability in Google Android
In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy.
local
low complexity
google
5.5
2023-12-04 CVE-2023-40073 Unspecified vulnerability in Google Android
In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy.
local
low complexity
google
5.5
2023-12-04 CVE-2023-40074 Unspecified vulnerability in Google Android
In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed.
local
low complexity
google
5.5
2023-12-04 CVE-2023-40075 Unspecified vulnerability in Google Android
In forceReplaceShortcutInner of ShortcutPackage.java, there is a possible way to register unlimited packages due to a missing bounds check.
local
low complexity
google
5.5
2023-12-04 CVE-2023-40076 Unspecified vulnerability in Google Android 14.0
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials from other users due to a permissions bypass.
local
low complexity
google
5.5
2023-12-04 CVE-2023-40081 Unspecified vulnerability in Google Android
In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy.
local
low complexity
google
5.5