Vulnerabilities > Google
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-19 | CVE-2017-13315 | Incorrect Calculation of Buffer Size vulnerability in Google Android In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. | 7.8 |
| 2024-11-19 | CVE-2018-9338 | Out-of-bounds Write vulnerability in Google Android In ResStringPool::setTo of ResourceTypes.cpp, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2024-11-19 | CVE-2023-21270 | Incorrect Authorization vulnerability in Google Android 12.0/12.1/13.0 In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. | 7.8 |
| 2024-11-15 | CVE-2017-13310 | Incorrect Default Permissions vulnerability in Google Android In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. | 7.8 |
| 2024-11-15 | CVE-2017-13311 | Unspecified vulnerability in Google Android In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. | 6.7 |
| 2024-11-15 | CVE-2017-13312 | Unspecified vulnerability in Google Android 8.0 In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation. | 7.8 |
| 2024-11-15 | CVE-2017-13313 | Infinite Loop vulnerability in Google Android In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. | 6.5 |
| 2024-11-15 | CVE-2017-13314 | Missing Authorization vulnerability in Google Android In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. | 7.8 |
| 2024-11-15 | CVE-2017-13309 | Unspecified vulnerability in Google Android 8.1 In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. | 5.5 |
| 2024-11-14 | CVE-2017-13227 | Unspecified vulnerability in Google Android 8.0/8.1 In the autofill service, the package name that is provided by the app process is trusted inappropriately. | 5.5 |