Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-14 | CVE-2021-39633 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. | 5.5 |
| 2022-01-14 | CVE-2021-39659 | Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0/12.0 In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. | 5.5 |
| 2022-01-14 | CVE-2021-39680 | Use of Uninitialized Resource vulnerability in Google Android In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to uninitialized data. | 4.4 |
| 2022-01-14 | CVE-2021-39683 | Out-of-bounds Write vulnerability in Google Android In copy_from_mbox of sss_ice_util.c, there is a possible out of bounds write due to a missing bounds check. | 6.7 |
| 2022-01-10 | CVE-2022-22263 | Improper Privilege Management vulnerability in Google Android 11.0 Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity. | 5.5 |
| 2022-01-10 | CVE-2022-22268 | Files or Directories Accessible to External Parties vulnerability in Google Android Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode. | 6.1 |
| 2022-01-10 | CVE-2022-22271 | Out-of-bounds Read vulnerability in Google Android 10.0/11.0/9.0 A missing input validation before memory copy in TIMA trustlet prior to SMR Jan-2022 Release 1 allows attackers to copy data from arbitrary memory. | 5.5 |
| 2022-01-04 | CVE-2022-20013 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 10.0/11.0 In vow driver, there is a possible memory corruption due to a race condition. | 6.4 |
| 2022-01-04 | CVE-2022-20014 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0 In vow driver, there is a possible memory corruption due to improper input validation. | 6.7 |
| 2022-01-04 | CVE-2022-20015 | Use of Uninitialized Resource vulnerability in Google Android 10.0/11.0 In kd_camera_hw driver, there is a possible information disclosure due to uninitialized data. | 4.4 |