Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-16 | CVE-2021-39702 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 12.0 In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. | 9.3 |
| 2022-03-16 | CVE-2021-39706 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials storage due to a missing permission check. | 9.3 |
| 2022-03-16 | CVE-2021-39708 | Out-of-bounds Write vulnerability in Google Android 12.0 In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an incorrect bounds check. | 9.8 |
| 2022-03-16 | CVE-2021-39710 | Unspecified vulnerability in Google Android Product: AndroidVersions: Android kernelAndroid ID: A-202160245References: N/A | 10.0 |
| 2022-03-16 | CVE-2021-39720 | Unspecified vulnerability in Google Android Product: AndroidVersions: Android kernelAndroid ID: A-207433926References: N/A | 10.0 |
| 2022-03-16 | CVE-2021-39723 | Unspecified vulnerability in Google Android Product: AndroidVersions: Android kernelAndroid ID: A-209014813References: N/A | 10.0 |
| 2022-03-16 | CVE-2021-39737 | Unspecified vulnerability in Google Android Product: AndroidVersions: Android kernelAndroid ID: A-208229524References: N/A | 10.0 |
| 2022-02-12 | CVE-2022-0097 | Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page. | 9.6 |
| 2022-02-11 | CVE-2021-39616 | Unspecified vulnerability in Google Android Summary:Product: AndroidVersions: Android SoCAndroid ID: A-204686438 | 10.0 |
| 2022-02-11 | CVE-2021-39635 | Incorrect Default Permissions vulnerability in Google Android ims_ex is a vendor system service used to manage VoLTE in unisoc devices,But it does not verify the caller's permissions,so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634 | 9.1 |