Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2021-04-13 CVE-2021-0442 Use After Free vulnerability in Google Android 11.0
In updateInfo of android_hardware_input_InputApplicationHandle.cpp, there is a possible control of code flow due to a use after free.
local
low complexity
google CWE-416
7.8
2021-04-13 CVE-2021-0439 Out-of-bounds Write vulnerability in Google Android 11.0
In setPowerModeWithHandle of com_android_server_power_PowerManagerService.cpp, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
2021-04-13 CVE-2021-0438 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/8.1/9.0
In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value.
local
low complexity
google CWE-1021
7.8
2021-04-13 CVE-2021-0437 Double Free vulnerability in Google Android
In setPlayPolicy of DrmPlugin.cpp, there is a possible double free.
local
low complexity
google CWE-415
7.8
2021-04-13 CVE-2021-0435 Improper Initialization vulnerability in Google Android
In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data.
network
low complexity
google CWE-665
7.5
2021-04-13 CVE-2021-0433 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android
In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack.
low complexity
google CWE-1021
8.0
2021-04-13 CVE-2021-0432 Race Condition vulnerability in Google Android 11.0
In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition.
local
high complexity
google CWE-362
7.0
2021-04-13 CVE-2021-0431 Out-of-bounds Read vulnerability in Google Android
In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.5
2021-04-13 CVE-2021-0429 Use After Free vulnerability in Google Android
In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free.
local
low complexity
google CWE-416
7.8
2021-04-13 CVE-2021-0427 Out-of-bounds Write vulnerability in Google Android 11.0
In parseExclusiveStateAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8