Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-11 | CVE-2024-27237 | Incorrect Calculation of Buffer Size vulnerability in Google Android In wipe_ns_memory of nsmemwipe.c, there is a possible incorrect size calculation due to a logic error in the code. | 5.5 |
| 2024-03-11 | CVE-2024-0044 | Injection vulnerability in Google Android In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. | 6.7 |
| 2024-03-11 | CVE-2024-0045 | Out-of-bounds Read vulnerability in Google Android In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. | 6.5 |
| 2024-03-11 | CVE-2024-0047 | Unspecified vulnerability in Google Android 14.0 In writeUserLP of UserManagerService.java, device policies are serialized with an incorrect tag due to a logic error in the code. | 5.5 |
| 2024-03-04 | CVE-2024-20020 | Out-of-bounds Write vulnerability in Google Android 13.0 In OPTEE, there is a possible out of bounds write due to an incorrect bounds check. | 4.4 |
| 2024-03-04 | CVE-2024-20022 | In lk, there is a possible escalation of privilege due to a missing bounds check. | 6.7 |
| 2024-02-16 | CVE-2024-0016 | Out-of-bounds Read vulnerability in Google Android In multiple locations, there is a possible out of bounds read due to a missing bounds check. | 5.3 |
| 2024-02-16 | CVE-2024-0017 | Incorrect Authorization vulnerability in Google Android In shouldUseNoOpLocation of CameraActivity.java, there is a possible confused deputy due to a permissions bypass. | 5.5 |
| 2024-02-16 | CVE-2024-0019 | Unspecified vulnerability in Google Android In setListening of AppOpsControllerImpl.java, there is a possible way to hide the microphone privacy indicator when restarting systemUI due to a missing check for active recordings. | 5.0 |
| 2024-02-16 | CVE-2024-0020 | Unspecified vulnerability in Google Android In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. | 5.5 |