Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2021-06-22 CVE-2021-0553 Injection vulnerability in Google Android 11.0
In onBindViewHolder of AppSwitchPreference.java, there is a possible bypass of device admin setttings due to unclear UI.
local
low complexity
google CWE-74
7.3
2021-06-22 CVE-2021-0607 Out-of-bounds Write vulnerability in Google Android
In iaxxx_calc_i2s_div of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check.
local
low complexity
google CWE-787
7.8
2021-06-22 CVE-2021-0608 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android
In handleAppLaunch of AppLaunchActivity.java, there is a possible arbitrary activity launch due to a confused deputy.
local
low complexity
google CWE-610
7.8
2021-06-22 CVE-2021-0534 Insecure Default Initialization of Resource vulnerability in Google Android 11.0
In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast protection due to an insecure default value.
local
low complexity
google CWE-1188
7.8
2021-06-22 CVE-2021-0555 NULL Pointer Dereference vulnerability in Google Android 11.0
In RenderStruct of protostream_objectsource.cc, there is a possible crash due to a missing null check.
network
low complexity
google CWE-476
7.5
2021-06-22 CVE-2021-0557 Integer Overflow or Wraparound vulnerability in Google Android 11.0
In setRange of ABuffer.cpp, there is a possible out of bounds write due to an integer overflow.
network
low complexity
google CWE-190
8.8
2021-06-22 CVE-2021-0565 Use After Free vulnerability in Google Android 11.0
In wrapUserThread of AudioStream.cpp, there is a possible use after free due to a race condition.
local
high complexity
google CWE-416
7.0
2021-06-22 CVE-2021-0567 Injection vulnerability in Google Android 11.0
In isRestricted of RemoteViews.java, there is a possible way to inject font files due to a permissions bypass.
local
low complexity
google CWE-74
7.8
2021-06-22 CVE-2021-0568 Missing Authorization vulnerability in Google Android 11.0
In onReceive of DevicePolicyManagerService.java, there is a possible enabling of disabled profiles due to a missing permission check.
local
low complexity
google CWE-862
7.8
2021-06-22 CVE-2021-0570 Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 11.0
In sendBugreportNotification of BugreportProgressService.java, there is a possible permission bypass due to an unsafe PendingIntent.
local
low complexity
google CWE-732
7.8