Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-08 | CVE-2023-48412 | Unspecified vulnerability in Google Android In private_handle_t of mali_gralloc_buffer.h, there is a possible information leak due to a logic error in the code. | 5.5 |
| 2023-12-08 | CVE-2023-48413 | Out-of-bounds Read vulnerability in Google Android In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. | 4.9 |
| 2023-12-08 | CVE-2023-48414 | Use After Free vulnerability in Google Android In the Pixel Camera Driver, there is a possible use after free due to a logic error in the code. | 6.7 |
| 2023-12-08 | CVE-2023-48415 | Out-of-bounds Read vulnerability in Google Android In Init of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. | 5.5 |
| 2023-12-08 | CVE-2023-48420 | Race Condition vulnerability in Google Android there is a possible use after free due to a race condition. | 6.4 |
| 2023-12-08 | CVE-2023-48422 | Out-of-bounds Read vulnerability in Google Android In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. | 5.5 |
| 2023-12-08 | CVE-2023-45866 | Improper Authentication vulnerability in multiple products Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. | 6.3 |
| 2023-12-04 | CVE-2023-35668 | Unspecified vulnerability in Google Android In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40073 | Unspecified vulnerability in Google Android In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. | 5.5 |
| 2023-12-04 | CVE-2023-40074 | Unspecified vulnerability in Google Android In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. | 5.5 |