Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-0926 | Missing Authorization vulnerability in Google Android In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user's consent due to a missing permission check. | 7.8 |
| 2021-12-15 | CVE-2021-0927 | Improper Preservation of Permissions vulnerability in Google Android In requestChannelBrowsable of TvInputManagerService.java, there is a possible permission bypass due to a logic error in the code. | 7.8 |
| 2021-12-15 | CVE-2021-0928 | Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0/9.0 In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. | 7.8 |
| 2021-12-15 | CVE-2021-0929 | Use After Free vulnerability in Google Android In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. | 7.8 |
| 2021-12-15 | CVE-2021-0930 | Out-of-bounds Write vulnerability in Google Android In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. | 8.8 |
| 2021-12-15 | CVE-2021-0932 | Unspecified vulnerability in Google Android 10.0 In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent. | 7.8 |
| 2021-12-15 | CVE-2021-0933 | Improper Encoding or Escaping of Output vulnerability in Google Android In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. | 8.0 |
| 2021-12-15 | CVE-2021-0953 | Improper Preservation of Permissions vulnerability in Google Android In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. | 7.8 |
| 2021-12-15 | CVE-2021-0954 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0 In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. | 7.3 |
| 2021-12-15 | CVE-2021-0955 | Race Condition vulnerability in Google Android 11.0 In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. | 7.0 |