Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-10 | CVE-2021-0336 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. | 7.8 |
| 2021-02-10 | CVE-2021-0334 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. | 7.8 |
| 2021-02-10 | CVE-2021-0333 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. | 7.3 |
| 2021-02-10 | CVE-2021-0332 | Use After Free vulnerability in Google Android 10.0/11.0 In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. | 7.8 |
| 2021-02-10 | CVE-2021-0331 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. | 7.3 |
| 2021-02-10 | CVE-2021-0330 | Use After Free vulnerability in Google Android 10.0/11.0/9.0 In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. | 7.8 |
| 2021-02-10 | CVE-2021-0329 | Out-of-bounds Write vulnerability in Google Android In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2021-02-10 | CVE-2021-0328 | Missing Authorization vulnerability in Google Android In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. | 7.8 |
| 2021-02-10 | CVE-2021-0327 | Improper Privilege Management vulnerability in Google Android In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. | 7.8 |
| 2021-02-10 | CVE-2021-0326 | Out-of-bounds Write vulnerability in multiple products In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. | 7.5 |