Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2024-08-15 CVE-2024-34727 Classic Buffer Overflow vulnerability in Google Android
In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow.
network
low complexity
google CWE-120
7.5
2024-08-15 CVE-2024-34731 Race Condition vulnerability in Google Android
In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition.
local
high complexity
google CWE-362
7.0
2024-08-15 CVE-2024-34734 Insecure Default Initialization of Resource vulnerability in Google Android 13.0/14.0
In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to disable the active VPN app from the lockscreen due to an insecure default value.
local
low complexity
google CWE-1188
7.8
2024-08-15 CVE-2024-34736 Unspecified vulnerability in Google Android
In setupVideoEncoder of StagefrightRecorder.cpp, there is a possible asynchronous playback when B-frame support is enabled.
local
low complexity
google
7.8
2024-08-15 CVE-2024-34737 Unspecified vulnerability in Google Android
In ensureSetPipAspectRatioQuotaTracker of ActivityClientController.java, there is a possible way to generate unmovable and undeletable pip windows due to a logic error in the code.
local
low complexity
google
7.8
2024-08-15 CVE-2024-34738 Unspecified vulnerability in Google Android 13.0/14.0
In multiple functions of AppOpsService.java, there is a possible way for unprivileged apps to read their own restrictRead app-op states due to a logic error in the code.
local
low complexity
google
7.8
2024-08-15 CVE-2024-34739 Unspecified vulnerability in Google Android
In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code.
local
low complexity
google
7.8
2024-08-15 CVE-2024-34740 Integer Overflow or Wraparound vulnerability in Google Android
In attributeBytesBase64 and attributeBytesHex of BinaryXmlSerializer.java, there is a possible arbitrary XML injection due to an integer overflow.
local
low complexity
google CWE-190
7.8
2024-08-15 CVE-2024-34741 Unspecified vulnerability in Google Android
In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code.
local
low complexity
google
7.8
2024-08-15 CVE-2024-34743 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 14.0
In setTransactionState of SurfaceFlinger.cpp, there is a possible way to perform tapjacking due to a logic error in the code.
local
low complexity
google CWE-1021
7.8