Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-10 | CVE-2021-39670 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android 12.0/12.1 In setStream of WallpaperManager.java, there is a possible way to cause a permanent DoS due to improper input validation. | 5.5 |
| 2022-05-10 | CVE-2021-39700 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 In the policies of adbd.te, there was a logic error which caused the CTS Listening Ports Test to report invalid results. | 5.5 |
| 2022-05-10 | CVE-2022-20008 | Use of Uninitialized Resource vulnerability in Google Android In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. | 4.6 |
| 2022-05-10 | CVE-2022-20009 | Out-of-bounds Write vulnerability in Google Android In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. | 6.8 |
| 2022-05-10 | CVE-2022-20010 | Out-of-bounds Read vulnerability in Google Android 12.0/12.1 In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. | 6.5 |
| 2022-05-10 | CVE-2022-20011 | Missing Authorization vulnerability in Google Android In getArray of NotificationManagerService.java , there is a possible leak of one user notifications to another due to missing check. | 5.5 |
| 2022-05-10 | CVE-2022-20112 | Improper Privilege Management vulnerability in Google Android In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a guest user to change private DNS settings due to a permissions bypass. | 5.5 |
| 2022-05-10 | CVE-2022-20115 | Missing Authorization vulnerability in Google Android 12.0/12.1 In broadcastServiceStateChanged of TelephonyRegistry.java, there is a possible way to learn base station information without location permission due to a missing permission check. | 5.5 |
| 2022-05-03 | CVE-2022-20101 | Path Traversal vulnerability in Google Android 11.0/12.0 In aee daemon, there is a possible information disclosure due to a path traversal. | 5.5 |
| 2022-05-03 | CVE-2022-20102 | Missing Authorization vulnerability in Google Android 11.0/12.0 In aee daemon, there is a possible information disclosure due to a missing permission check. | 4.4 |