Vulnerabilities > Google > Android > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-11 CVE-2021-0524 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In isServiceDistractionOptimized of CarPackageManagerService.java, there is a possible disclosure of installed packages due to side channel information disclosure.
local
low complexity
google CWE-203
5.5
5.5
2022-02-11 CVE-2021-39631 Unspecified vulnerability in Google Android 10.0/11.0/12.0
In clear_data_dlg_text of strings.xml, there is a possible situation when "Clear storage" functionality sets up the wrong security/privacy expectations due to a misleading message.
local
low complexity
google
5.5
5.5
2022-02-11 CVE-2021-39664 Out-of-bounds Read vulnerability in Google Android 12.0
In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
5.5
5.5
2022-02-11 CVE-2021-39665 Out-of-bounds Write vulnerability in Google Android 12.0
In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow.
network
low complexity
google CWE-787
6.5
6.5
2022-02-11 CVE-2021-39666 Out-of-bounds Read vulnerability in Google Android 11.0/12.0
In extract of MediaMetricsItem.h, there is a possible out of bounds read due to improper input validation.
local
low complexity
google CWE-125
5.5
5.5
2022-02-11 CVE-2021-39671 Use of Uninitialized Resource vulnerability in Google Android 12.0
In code generated by aidl_const_expressions.cpp, there is a possible out of bounds read due to uninitialized data.
network
low complexity
google CWE-908
6.5
6.5
2022-02-11 CVE-2021-39687 Out-of-bounds Read vulnerability in Google Android
In HandleTransactionIoEvent of actuator_driver.cc, there is a possible out of bounds read due to a heap buffer overflow.
local
low complexity
google CWE-125
5.5
5.5
2022-02-11 CVE-2021-39688 Out-of-bounds Read vulnerability in Google Android
In TBD of TBD, there is a possible out of bounds read due to TBD.
local
low complexity
google CWE-125
5.5
5.5
2022-02-11 CVE-2022-22291 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device.
local
low complexity
google
5.5
5.5
2022-02-11 CVE-2022-23426 Unspecified vulnerability in Google Android 10.0/11.0
A vulnerability using PendingIntent in DeX Home and DeX for PC prior to SMR Feb-2022 Release 1 allows attackers to access files with system privilege.
local
low complexity
google
6.0
6.0