Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-21279 | Unspecified vulnerability in Google Android 12.0/12.1/13.0 In visitUris of RemoteViews.java, there is a possible cross-user media read due to a confused deputy. | 5.5 |
| 2023-08-14 | CVE-2023-21280 | Resource Exhaustion vulnerability in Google Android 12.0/12.1/13.0 In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there is a possible permanent DoS due to resource exhaustion. | 5.5 |
| 2023-08-14 | CVE-2023-21283 | Unspecified vulnerability in Google Android In multiple functions of StatusHints.java, there is a possible way to reveal images across users due to a confused deputy. | 5.5 |
| 2023-08-14 | CVE-2023-21284 | Improper Input Validation vulnerability in Google Android In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. | 5.5 |
| 2023-08-14 | CVE-2023-21285 | Unspecified vulnerability in Google Android In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. | 5.5 |
| 2023-08-14 | CVE-2023-21288 | Missing Authorization vulnerability in Google Android In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. | 5.5 |
| 2023-08-14 | CVE-2023-21289 | Unspecified vulnerability in Google Android In multiple locations, there is a possible bypass of a multi user security boundary due to a confused deputy. | 5.5 |
| 2023-08-14 | CVE-2023-21290 | Race Condition vulnerability in Google Android In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. | 5.5 |
| 2023-08-14 | CVE-2023-21292 | Unspecified vulnerability in Google Android In openContentUri of ActivityManagerService.java, there is a possible way for a third party app to obtain restricted files due to a confused deputy. | 5.5 |
| 2023-08-14 | CVE-2023-21132 | Missing Authorization vulnerability in Google Android 12.0/12.1/13.0 In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. | 6.8 |