Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-15 | CVE-2023-20711 | Out-of-bounds Read vulnerability in Google Android 11.0/12.0/13.0 In keyinstall, there is a possible out of bounds read due to a missing bounds check. | 4.4 |
| 2023-05-15 | CVE-2023-20717 | Unspecified vulnerability in Google Android 11.0/12.0/13.0 In vcu, there is a possible leak of dma buffer due to a race condition. | 4.1 |
| 2023-05-15 | CVE-2023-20718 | Improper Input Validation vulnerability in multiple products In vcu, there is a possible out of bounds write due to a missing bounds check. | 6.7 |
| 2023-05-15 | CVE-2023-20719 | Improper Input Validation vulnerability in Google Android 12.0/13.0 In pqframework, there is a possible out of bounds read due to a missing bounds check. | 4.4 |
| 2023-05-15 | CVE-2023-20720 | Improper Input Validation vulnerability in Google Android 12.0/13.0 In pqframework, there is a possible out of bounds read due to a missing bounds check. | 6.7 |
| 2023-05-15 | CVE-2023-20721 | Improper Input Validation vulnerability in multiple products In isp, there is a possible out of bounds write due to improper input validation. | 6.7 |
| 2023-05-15 | CVE-2023-20722 | Improper Input Validation vulnerability in Google Android 12.0/13.0 In m4u, there is a possible out of bounds write due to improper input validation. | 6.7 |
| 2023-05-15 | CVE-2023-20914 | Cleartext Storage of Sensitive Information vulnerability in Google Android 11.0 In onSetRuntimePermissionGrantStateByDeviceAdmin of AdminRestrictedPermissionsUtils.java, there is a possible way for the work profile to read SMS messages due to a permissions bypass. | 5.5 |
| 2023-05-15 | CVE-2023-20930 | Resource Exhaustion vulnerability in Google Android In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a boot loop due to resource exhaustion. | 5.5 |
| 2023-05-15 | CVE-2023-21103 | Unspecified vulnerability in Google Android In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. | 5.5 |