Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2022-20111 Improper Handling of Exceptional Conditions vulnerability in Google Android
In ion, there is a possible use after free due to incorrect error handling.
local
low complexity
google CWE-755
8.4
8.4
2022-05-03 CVE-2022-21743 Integer Overflow or Wraparound vulnerability in Google Android
In ion, there is a possible use after free due to an integer overflow.
local
low complexity
google CWE-190
7.8
7.8
2022-05-03 CVE-2022-20084 Missing Authorization vulnerability in Google Android 10.0/11.0/12.0
In telephony, there is a possible way to disable receiving emergency broadcasts due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2022-05-03 CVE-2022-20088 Improper Handling of Exceptional Conditions vulnerability in Google Android 11.0/12.0
In aee driver, there is a possible reference count mistake due to incorrect error handling.
local
low complexity
google CWE-755
7.8
7.8
2022-05-03 CVE-2022-20093 Missing Authorization vulnerability in Google Android 10.0/11.0/12.0
In telephony, there is a possible way to disable receiving SMS messages due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2022-05-03 CVE-2022-20099 Out-of-bounds Write vulnerability in Google Android 11.0/12.0
In aee daemon, there is a possible out of bounds write due to improper input validation.
local
low complexity
google CWE-787
7.8
7.8
2022-05-03 CVE-2022-20109 Unspecified vulnerability in Google Android
In ion, there is a possible use after free due to improper update of reference count.
local
low complexity
google
7.8
7.8
2022-05-03 CVE-2022-20110 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android
In ion, there is a possible use after free due to a race condition.
local
high complexity
google CWE-367
7.0
7.0
2022-05-03 CVE-2022-28783 Improper Input Validation vulnerability in Google Android 10.0/11.0/12.0
Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission.
local
low complexity
google CWE-20
7.1
7.1
2022-05-03 CVE-2021-22556 Integer Overflow or Wraparound vulnerability in Google Fuchsia
The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace.
local
low complexity
google CWE-190
7.8
7.8