Vulnerabilities > Google > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2021-39635 | Incorrect Default Permissions vulnerability in Google Android ims_ex is a vendor system service used to manage VoLTE in unisoc devices,But it does not verify the caller's permissions,so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634 | 9.1 |
| 2022-02-11 | CVE-2021-39658 | Incorrect Default Permissions vulnerability in Google Android ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product: AndroidVersions: Android SoCAndroid ID: A-207479207 | 9.8 |
| 2022-02-11 | CVE-2021-39675 | Out-of-bounds Write vulnerability in Google Android 12.0 In GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. | 9.8 |
| 2022-02-11 | CVE-2022-23425 | Improper Input Validation vulnerability in Google Android 10.0/11.0/12.0 Improper input validation in Exynos baseband prior to SMR Feb-2022 Release 1 allows attackers to send arbitrary NAS signaling messages with fake base station. | 9.8 |
| 2022-02-04 | CVE-2022-23587 | Integer Overflow or Wraparound vulnerability in Google Tensorflow Tensorflow is an Open Source Machine Learning Framework. | 9.8 |
| 2022-01-18 | CVE-2021-22566 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Fuchsia An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable pages being mapped as executable from an unprivileged context. | 9.8 |
| 2022-01-14 | CVE-2021-1049 | Unspecified vulnerability in Google Android Hacker one bug ID: 1343975Product: AndroidVersions: Android SoCAndroid ID: A-204256722 | 9.8 |
| 2022-01-14 | CVE-2021-39623 | Out-of-bounds Write vulnerability in Google Android In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. | 9.8 |
| 2021-12-23 | CVE-2021-38013 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2021-12-15 | CVE-2021-0889 | Unspecified vulnerability in Google Android In Android TV , there is a possible silent pairing due to lack of rate limiting in the pairing flow. | 9.8 |