Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-14 | CVE-2021-0592 | Out-of-bounds Write vulnerability in Google Android In various functions in WideVine, there are possible out of bounds writes due to improper input validation. | 8.8 |
| 2021-07-14 | CVE-2021-0594 | Injection vulnerability in Google Android In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. | 8.0 |
| 2021-07-14 | CVE-2021-0596 | Out-of-bounds Read vulnerability in Google Android In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
| 2021-07-14 | CVE-2021-0600 | Improper Input Validation vulnerability in Google Android In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. | 7.8 |
| 2021-07-14 | CVE-2021-0602 | Information Exposure vulnerability in Google Android 10.0/11.0 In onCreateOptionsMenu of WifiNetworkDetailsFragment.java, there is a possible way for guest users to view and modify Wi-Fi settings for all configured APs due to a permissions bypass. | 7.8 |
| 2021-07-14 | CVE-2021-0603 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0 In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack. | 7.8 |
| 2021-07-08 | CVE-2021-25426 | Unspecified vulnerability in Google Android 10.0/11.0/9.0 Improper component protection vulnerability in SmsViewerActivity of Samsung Message prior to SMR July-2021 Release 1 allows untrusted applications to access Message files. | 7.5 |
| 2021-07-08 | CVE-2021-25428 | Improper Privilege Management vulnerability in Google Android Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances. | 7.8 |
| 2021-07-02 | CVE-2021-30554 | Use After Free vulnerability in multiple products Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-07-02 | CVE-2021-30555 | Use After Free vulnerability in Google Chrome Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and user gesture. | 8.8 |