Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-10 | CVE-2022-20356 | Improper Input Validation vulnerability in Google Android 11.0/12.0/12.1 In shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to start foreground service from background due to improper input validation. | 7.8 |
| 2022-08-10 | CVE-2022-20360 | Missing Authorization vulnerability in Google Android In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. | 7.8 |
| 2022-08-05 | CVE-2022-33731 | Unspecified vulnerability in Google Android 11.0/12.0 Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. | 7.1 |
| 2022-08-05 | CVE-2022-33732 | Unspecified vulnerability in Google Android 12.0 Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call. | 7.1 |
| 2022-08-01 | CVE-2022-26429 | Missing Authorization vulnerability in Google Android 11.0/12.0 In cta, there is a possible way to write permission usage records of an app due to a missing permission check. | 7.8 |
| 2022-07-28 | CVE-2022-2399 | Use After Free vulnerability in Google Chrome Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-28 | CVE-2022-2163 | Use After Free vulnerability in multiple products Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. | 8.8 |
| 2022-07-28 | CVE-2022-2294 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-28 | CVE-2022-2295 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-28 | CVE-2022-2296 | Use After Free vulnerability in multiple products Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. | 8.8 |