Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-17 | CVE-2020-0275 | Incorrect Default Permissions vulnerability in Google Android 11.0 In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass. | 7.8 |
| 2020-09-17 | CVE-2020-0267 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 11.0 In WindowManager, there is a possible launch of an unexpected app due to a confused deputy. | 7.8 |
| 2020-09-17 | CVE-2020-0266 | Missing Authorization vulnerability in Google Android 11.0 In factory reset protection, there is a possible FRP bypass due to a missing permission check. | 7.8 |
| 2020-09-17 | CVE-2020-0264 | Integer Overflow or Wraparound vulnerability in Google Android 11.0 In libstagefright, there is a possible out of bounds write due to an integer overflow. | 8.8 |
| 2020-09-17 | CVE-2020-0130 | Command Injection vulnerability in Google Android 11.0 In screencap, there is a possible command injection due to improper input validation. | 7.8 |
| 2020-09-17 | CVE-2020-0434 | Use After Free vulnerability in Google Android In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free. | 7.8 |
| 2020-09-17 | CVE-2020-0433 | Improper Locking vulnerability in Google Android In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. | 7.8 |
| 2020-09-17 | CVE-2020-0432 | Integer Overflow or Wraparound vulnerability in multiple products In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. | 7.8 |
| 2020-09-17 | CVE-2020-0430 | Out-of-bounds Read vulnerability in Google Android In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. | 7.8 |
| 2020-09-17 | CVE-2020-0387 | Missing Authorization vulnerability in Google Android In manifest files of the SmartSpace package, there is a possible tapjacking vector due to a missing permission check. | 7.8 |