Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-21 | CVE-2022-0976 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-13 | CVE-2022-20212 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0 In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 7.8 |
| 2022-07-13 | CVE-2022-20218 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 12.0/12.1 In PermissionController, there is a possible way to get and retain permissions without user's consent due to a logic error in the code. | 7.8 |
| 2022-07-13 | CVE-2022-20220 | Path Traversal vulnerability in Google Android 12.0/12.1 In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. | 7.8 |
| 2022-07-13 | CVE-2022-20223 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. | 7.8 |
| 2022-07-13 | CVE-2022-20224 | Out-of-bounds Read vulnerability in Google Android In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. | 7.5 |
| 2022-07-13 | CVE-2022-20234 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 12.1 In Car Settings app, the NotificationAccessConfirmationActivity is exported. | 7.5 |
| 2022-07-13 | CVE-2022-20236 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709 | 7.5 |
| 2022-07-12 | CVE-2022-30754 | Unspecified vulnerability in Google Android 10.0/11.0/12.0 Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of AppLinker. | 7.8 |
| 2022-07-12 | CVE-2022-30755 | Improper Authentication vulnerability in Google Android 10.0/11.0/12.0 Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent. | 7.8 |