Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-03 | CVE-2021-22556 | Integer Overflow or Wraparound vulnerability in Google Fuchsia The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. | 7.8 |
| 2022-05-03 | CVE-2021-22573 | Improper Verification of Cryptographic Signature vulnerability in Google Oauth Client Library for Java The vulnerability is that IDToken verifier does not verify if token is properly signed. | 7.3 |
| 2022-05-01 | CVE-2022-25647 | Deserialization of Untrusted Data vulnerability in multiple products The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. | 7.5 |
| 2022-04-12 | CVE-2021-0694 | Incorrect Authorization vulnerability in Google Android 11.0 In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a background application to regain foreground permissions due to insufficient background restrictions. | 7.8 |
| 2022-04-12 | CVE-2021-0707 | Use After Free vulnerability in Google Android In dma_buf_release of dma-buf.c, there is a possible memory corruption due to a use after free. | 7.8 |
| 2022-04-12 | CVE-2021-39794 | Incorrect Default Permissions vulnerability in Google Android 11.0/12.0/12.1 In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. | 7.8 |
| 2022-04-12 | CVE-2021-39796 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. | 7.3 |
| 2022-04-12 | CVE-2021-39797 | Improper Privilege Management vulnerability in Google Android 12.0/12.1 In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. | 7.8 |
| 2022-04-12 | CVE-2021-39798 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 12.0/12.1 In Bitmap_createFromParcel of Bitmap.cpp, there is a possible arbitrary code execution due to a missing bounds check. | 7.8 |
| 2022-04-12 | CVE-2021-39799 | Incorrect Authorization vulnerability in Google Android 12.0/12.1 In AttributionSource of AttributionSource.java, there is a possible permission bypass due to improper input validation. | 7.8 |