Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2024-05-07 CVE-2024-0042 Improper Certificate Validation vulnerability in Google Android
In TBD of TBD, there is a possible confusion of OEM and DRM certificates due to improperly used crypto.
local
low complexity
google CWE-295
7.8
2024-05-07 CVE-2024-0043 Unspecified vulnerability in Google Android
In multiple locations, there is a possible notification listener grant to an app running in the work profile due to a logic error in the code.
local
low complexity
google
7.8
2024-05-07 CVE-2024-23704 Missing Authorization vulnerability in Google Android 13.0/14.0
In onCreate of WifiDialogActivity.java, there is a possible way to bypass the DISALLOW_ADD_WIFI_CONFIG restriction due to a missing permission check.
local
low complexity
google CWE-862
7.8
2024-05-07 CVE-2024-23705 Unspecified vulnerability in Google Android
In multiple locations, there is a possible failure to persist or enforce user restrictions due to improper input validation.
local
low complexity
google
7.8
2024-05-07 CVE-2024-23706 Unspecified vulnerability in Google Android 14.0
In multiple locations, there is a possible bypass of health data permissions due to an improper input validation.
local
low complexity
google
7.8
2024-05-07 CVE-2024-23707 Unspecified vulnerability in Google Android 14.0
In multiple locations, there is a possible permissions bypass due to improper input validation.
local
low complexity
google
7.8
2024-05-07 CVE-2024-23708 Unspecified vulnerability in Google Android
In multiple functions of NotificationManagerService.java, there is a possible way to not show a toast message when a clipboard message has been accessed.
local
low complexity
google
7.8
2024-05-07 CVE-2024-23710 Unspecified vulnerability in Google Android 13.0/14.0
In assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.java, there is a possible execution of arbitrary app code as a privileged app due to a logic error in the code.
local
low complexity
google
7.8
2024-05-07 CVE-2024-23713 Unspecified vulnerability in Google Android
In migrateNotificationFilter of NotificationManagerService.java, there is a possible failure to persist notifications settings due to improper input validation.
local
low complexity
google
7.8
2024-05-01 CVE-2024-4058 Type Confusion vulnerability in multiple products
Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-843
8.8