Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-20081 | Improper Certificate Validation vulnerability in Google Android 10.0/11.0/12.0 In A-GPS, there is a possible man in the middle attack due to improper certificate validation. | 5.9 |
| 2022-04-11 | CVE-2022-25831 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions. low complexity google | 4.6 |
| 2022-04-11 | CVE-2022-25832 | Improper Authentication vulnerability in Google Android 11.0/12.0 Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to use locked Myfiles app without authentication. | 6.8 |
| 2022-04-11 | CVE-2022-26091 | Improper Authentication vulnerability in Google Android 10.0/11.0/12.0 Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard. | 6.8 |
| 2022-04-11 | CVE-2022-27821 | Out-of-bounds Read vulnerability in Google Android 10.0/11.0/12.0 Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via crafted image file. | 5.5 |
| 2022-04-11 | CVE-2022-27822 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0 Information exposure vulnerability in ril property setting prior to SMR April-2022 Release 1 allows access to EF_RUIMID value without permission. | 5.5 |
| 2022-04-11 | CVE-2022-27831 | Out-of-bounds Read vulnerability in Google Android 10.0/11.0/12.0 Improper boundary check in sflvd_rdbuf_bits of libsflvextractor prior to SMR Apr-2022 Release 1 allows attackers to read out of bounds memory. | 4.4 |
| 2022-03-30 | CVE-2021-39740 | Improper Input Validation vulnerability in Google Android 12.1 In Messaging, there is a possible way to bypass attachment restrictions due to improper input validation. | 5.5 |
| 2022-03-30 | CVE-2021-39742 | Missing Authorization vulnerability in Google Android 12.1 In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing permission check. | 5.5 |
| 2022-03-30 | CVE-2021-39744 | Information Exposure Through Discrepancy vulnerability in Google Android 12.1 In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 5.5 |