Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-26098 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0 Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers. | 10.0 |
| 2022-04-11 | CVE-2022-27568 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0 Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | 10.0 |
| 2022-04-11 | CVE-2022-27569 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0 Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | 10.0 |
| 2022-04-11 | CVE-2022-27570 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0 Heap-based buffer overflow vulnerability in parser_single_iref function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | 10.0 |
| 2022-04-11 | CVE-2022-27571 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0 Heap-based buffer overflow vulnerability in sheifd_get_info_image function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | 10.0 |
| 2022-04-11 | CVE-2022-27572 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0 Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers. | 10.0 |
| 2022-04-05 | CVE-2022-0790 | Use After Free vulnerability in Google Chrome Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2022-03-30 | CVE-2021-39787 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 12.0 In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. | 9.3 |
| 2022-03-16 | CVE-2021-39692 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0/12.0 In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile bypassing user consent due to a tapjacking/overlay attack. | 9.3 |
| 2022-03-16 | CVE-2021-39701 | Improper Input Validation vulnerability in Google Android 11.0/12.0 In serviceConnection of ControlsProviderLifecycleManager.kt, there is a possible way to keep service running in foreground without notification or permission due to improper input validation. | 9.3 |