Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-30 CVE-2021-39746 Unspecified vulnerability in Google Android 12.1
In PermissionController, there is a possible way to delete some local files due to an unsafe PendingIntent.
local
low complexity
google
7.8
2022-03-30 CVE-2021-39749 Missing Authorization vulnerability in Google Android 12.1
In WindowManager, there is a possible way to start non-exported and protected activities due to a missing permission check.
local
low complexity
google CWE-862
7.8
2022-03-30 CVE-2021-39750 Missing Authorization vulnerability in Google Android 12.1
In PackageManager, there is a possible way to change the splash screen theme of other apps due to a missing permission check.
local
low complexity
google CWE-862
7.8
2022-03-30 CVE-2021-39752 Unspecified vulnerability in Google Android 12.1
In Bubbles, there is a possible way to interfere with Bubbles due to a permissions bypass.
local
low complexity
google
7.8
2022-03-30 CVE-2021-39758 Missing Authorization vulnerability in Google Android 12.1
In WindowManager, there is a possible way to start a foreground activity from the background due to a missing permission check.
local
low complexity
google CWE-862
7.8
2022-03-30 CVE-2021-39759 Integer Overflow or Wraparound vulnerability in Google Android 12.1
In libstagefright, there is a possible out of bounds write due to an integer overflow.
local
low complexity
google CWE-190
7.8
2022-03-30 CVE-2021-39762 Integer Overflow or Wraparound vulnerability in Google Android 12.1
In tremolo, there is a possible out of bounds read due to an integer overflow.
network
low complexity
google CWE-190
7.5
2022-03-30 CVE-2021-39763 Improper Input Validation vulnerability in Google Android 12.1
In Settings, there is a possible way to make the user enable WiFi due to improper input validation.
local
low complexity
google CWE-20
7.8
2022-03-30 CVE-2021-39764 Improper Input Validation vulnerability in Google Android 12.1
In Settings, there is a possible way to display an incorrect app name due to improper input validation.
local
low complexity
google CWE-20
7.8
2022-03-30 CVE-2021-39767 Insecure Default Initialization of Resource vulnerability in Google Android 12.1
In miniadb, there is a possible way to get read/write access to recovery system properties due to an insecure default value.
local
low complexity
google CWE-1188
7.8