Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2020-0017 | Unspecified vulnerability in Google Android In multiple places, it was possible for the primary user’s dictionary to be visible to and modifiable by secondary users. | 4.4 |
| 2020-02-13 | CVE-2020-0014 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. | 5.5 |
| 2020-02-13 | CVE-2020-0005 | Out-of-bounds Write vulnerability in Google Android In btm_read_remote_ext_features_complete of btm_acl.cc, there is a possible out of bounds write due to a missing bounds check. | 6.7 |
| 2020-01-24 | CVE-2015-1525 | Improper Input Validation vulnerability in Google Android audio/AudioPolicyManagerBase.cpp in Android before 5.1 allows attackers to cause a denial of service (audio_policy application outage) via a crafted application that provides a NULL device address. | 5.5 |
| 2020-01-08 | CVE-2020-0008 | Out-of-bounds Read vulnerability in Google Android In LowEnergyClient::MtuChangedCallback of low_energy_client.cc, there is a possible out of bounds read due to a race condition. | 4.7 |
| 2020-01-08 | CVE-2020-0007 | Use of Uninitialized Resource vulnerability in Google Android In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to uninitialized data. | 5.5 |
| 2020-01-08 | CVE-2020-0006 | Use of Uninitialized Resource vulnerability in Google Android In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of heap memory due to uninitialized data. | 6.5 |
| 2020-01-08 | CVE-2020-0004 | Improper Handling of Exceptional Conditions vulnerability in Google Android In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image exceeding maximum texture size. | 5.5 |
| 2020-01-08 | CVE-2020-0003 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 8.0 In onCreate of InstallStart.java, there is a possible package validation bypass due to a time-of-check time-of-use vulnerability. | 6.7 |
| 2020-01-08 | CVE-2016-5346 | Information Exposure vulnerability in Google Android An Information Disclosure vulnerability exists in the Google Pixel/Pixel SL Qualcomm Avtimer Driver due to a NULL pointer dereference when processing an accept system call by the user process on AF_MSM_IPC sockets, which could let a local malicious user obtain sensitive information (Android Bug ID A-32551280). | 5.5 |