Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2021-1029 Use After Free vulnerability in Google Android 12.0
In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free.
local
low complexity
google CWE-416
7.8
7.8
2021-12-15 CVE-2021-1039 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android
In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack.
local
low complexity
google CWE-1021
7.8
7.8
2021-12-15 CVE-2021-1040 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android
In onCreate of BluetoothPairingSelectionFragment.java, there is a possible EoP due to a tapjacking/overlay attack.
local
low complexity
google CWE-1021
7.8
7.8
2021-12-15 CVE-2021-1044 Out-of-bounds Write vulnerability in Google Android
In eicOpsDecryptAes128Gcm of acropora/app/identity/identity_support.c, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
7.8
2021-12-15 CVE-2021-1045 Unspecified vulnerability in Google Android
Product: AndroidVersions: Android kernelAndroid ID: A-195580473References: N/A
network
low complexity
google
7.5
7.5
2021-12-15 CVE-2021-1048 Use After Free vulnerability in Google Android
In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free.
local
low complexity
google CWE-416
7.8
7.8
2021-12-15 CVE-2021-39640 Improper Locking vulnerability in Google Android
In __dwc3_gadget_ep0_queue of ep0.c, there is a possible out of bounds write due to improper locking.
local
low complexity
google CWE-667
7.8
7.8
2021-12-15 CVE-2021-39646 Unspecified vulnerability in Google Android
Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A
network
low complexity
google
7.5
7.5
2021-12-15 CVE-2021-39651 Missing Authorization vulnerability in Google Android
In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN confirmation due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2021-12-15 CVE-2021-39653 Unspecified vulnerability in Google Android
In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user.
local
low complexity
google
7.8
7.8