Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-15 | CVE-2023-21104 | Incorrect Default Permissions vulnerability in Google Android 12.1/13.0 In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. | 5.5 |
| 2023-05-15 | CVE-2023-21111 | Improper Input Validation vulnerability in Google Android In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. | 5.5 |
| 2023-05-15 | CVE-2023-21112 | Out-of-bounds Read vulnerability in Google Android In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. | 5.5 |
| 2023-05-15 | CVE-2023-21116 | Unspecified vulnerability in Google Android In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. | 6.7 |
| 2023-05-15 | CVE-2023-21118 | Out-of-bounds Read vulnerability in Google Android In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. | 5.5 |
| 2023-05-09 | CVE-2022-38685 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In bluetooth service, there is a possible missing permission check. | 5.5 |
| 2023-05-09 | CVE-2022-39089 | Out-of-bounds Read vulnerability in Google Android 10.0/11.0 In mlog service, there is a possible out of bounds read due to a missing bounds check. | 4.4 |
| 2023-05-09 | CVE-2022-44419 | Unspecified vulnerability in Google Android In modem, there is a possible missing verification of NAS Security Mode Command Replay Attacks in LTE. | 5.5 |
| 2023-05-09 | CVE-2022-44420 | Insufficient Verification of Data Authenticity vulnerability in Google Android In modem, there is a possible missing verification of HashMME value in Security Mode Command. | 5.5 |
| 2023-05-09 | CVE-2022-47334 | Out-of-bounds Read vulnerability in Google Android 10.0/11.0/12.0 In phasecheck server, there is a possible out of bounds read due to a missing bounds check. | 4.4 |