Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-30 CVE-2021-39768 Missing Authorization vulnerability in Google Android 12.1
In Settings, there is a possible way to add an auto-connect WiFi network without the user's consent due to a missing permission check.
local
low complexity
google CWE-862
7.8
2022-03-30 CVE-2021-39771 Improper Input Validation vulnerability in Google Android 12.1
In Settings, there is a possible way to misrepresent which app wants to add a wifi network due to improper input validation.
local
low complexity
google CWE-20
7.8
2022-03-30 CVE-2021-39772 Improper Privilege Management vulnerability in Google Android 12.0
In Bluetooth, there is a possible way to access the a2dp audio control switch due to a missing permission check.
low complexity
google CWE-269
8.8
2022-03-30 CVE-2021-39776 Use After Free vulnerability in Google Android 12.0
In NFC, there is a possible memory corruption due to a use after free.
local
low complexity
google CWE-416
7.8
2022-03-30 CVE-2021-39780 Incorrect Default Permissions vulnerability in Google Android 12.0
In Traceur, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check.
local
low complexity
google CWE-276
7.8
2022-03-30 CVE-2021-39781 Unspecified vulnerability in Google Android 12.0
In SmsController, there is a possible information disclosure due to a permissions bypass.
local
low complexity
google
7.8
2022-03-30 CVE-2021-39782 Improper Privilege Management vulnerability in Google Android 12.0
In Telephony, there is a possible unauthorized modification of the PLMN SIM file due to a missing permission check.
local
low complexity
google CWE-269
7.8
2022-03-30 CVE-2021-39783 Improper Privilege Management vulnerability in Google Android 12.0
In rcsservice, there is a possible way to modify TTY mode due to a missing permission check.
local
low complexity
google CWE-269
7.8
2022-03-30 CVE-2021-39784 Improper Privilege Management vulnerability in Google Android 12.0
In CellBroadcastReceiver, there is a possible path to enable specific cellular features due to a missing permission check.
local
low complexity
google CWE-269
7.8
2022-03-30 CVE-2021-39787 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 12.0
In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy.
local
low complexity
google CWE-610
7.8