Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-27 CVE-2023-40116 Unspecified vulnerability in Google Android 11.0/12.0/12.1
In onTaskAppeared of PipTaskOrganizer.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code.
local
low complexity
google
7.8
7.8
2023-10-27 CVE-2023-40117 Unspecified vulnerability in Google Android
In resetSettingsLocked of SettingsProvider.java, there is a possible lockscreen bypass due to a permissions bypass.
local
low complexity
google
7.8
7.8
2023-10-27 CVE-2023-40120 Unspecified vulnerability in Google Android
In multiple locations, there is a possible way to bypass user notification of foreground services due to improper input validation.
local
low complexity
google
7.8
7.8
2023-10-27 CVE-2023-40125 Unspecified vulnerability in Google Android
In onCreate of ApnEditor.java, there is a possible way for a Guest user to change the APN due to a permission bypass.
local
low complexity
google
7.8
7.8
2023-10-27 CVE-2023-40128 Out-of-bounds Write vulnerability in Google Android
In several functions of xmlregexp.c, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
7.8
2023-10-27 CVE-2023-40129 Out-of-bounds Write vulnerability in Google Android 12.0/12.1/13.0
In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow.
low complexity
google CWE-787
8.8
8.8
2023-10-27 CVE-2023-40130 Unspecified vulnerability in Google Android
In onBindingDied of CallRedirectionProcessor.java, there is a possible permission bypass due to a logic error in the code.
local
low complexity
google
7.8
7.8
2023-10-27 CVE-2023-40131 Use After Free vulnerability in Google Android
In GpuService of GpuService.cpp, there is a possible use after free due to a race condition.
local
high complexity
google CWE-416
7.0
7.0
2023-10-27 CVE-2023-40140 Use After Free vulnerability in Google Android
In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free.
local
low complexity
google CWE-416
7.8
7.8
2023-10-25 CVE-2023-5472 Use After Free vulnerability in multiple products
Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8