Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2022-24928 Unspecified vulnerability in Google Android 11.0
Security misconfiguration of RKP in kernel prior to SMR Mar-2022 Release 1 allows a system not to be protected by RKP.
local
low complexity
google
7.8
7.8
2022-03-10 CVE-2022-24931 Unspecified vulnerability in Google Android 10.0/11.0
Improper access control vulnerability in dynamic receiver in ApkInstaller prior to SMR MAR-2022 Release allows unauthorized attackers to execute arbitrary activity without a proper permission
local
low complexity
google
7.8
7.8
2022-03-10 CVE-2022-20047 Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0
In video decoder, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
7.8
2022-03-10 CVE-2022-20048 Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0
In video decoder, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
7.8
2022-03-10 CVE-2022-20053 Missing Authorization vulnerability in Google Android
In ims service, there is a possible escalation of privilege due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2022-03-10 CVE-2022-20054 Missing Authorization vulnerability in Google Android
In ims service, there is a possible AT command injection due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2022-03-04 CVE-2022-23729 Improper Authentication vulnerability in Google Android
When the device is in factory state, it can be access the shell without adb authentication process.
local
low complexity
google CWE-287
7.8
7.8
2022-02-25 CVE-2022-25328 OS Command Injection vulnerability in Google Fscrypt
The bash_completion script for fscrypt allows injection of commands via crafted mountpoint paths, allowing privilege escalation under a specific set of circumstances.
local
low complexity
google CWE-78
7.3
7.3
2022-02-12 CVE-2022-0289 Use After Free vulnerability in Google Chrome
Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2022-02-12 CVE-2022-0293 Use After Free vulnerability in Google Chrome
Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8