Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2019-11-13 CVE-2019-2213 Use After Free vulnerability in Google Android
In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition.
local
high complexity
google CWE-416
7.4
7.4
2019-11-13 CVE-2019-2211 SQL Injection vulnerability in Google Android
In createProjectionMapForQuery of TvProvider.java, there is possible SQL injection.
network
low complexity
google CWE-89
7.5
7.5
2019-11-13 CVE-2019-2208 Out-of-bounds Read vulnerability in Google Android 9.0
In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise.cc, there is a possible out of bounds read in v8 JIT code due to a bug in code generation.
network
low complexity
google CWE-125
7.5
7.5
2019-11-13 CVE-2019-2207 Out-of-bounds Write vulnerability in Google Android
In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks.
local
low complexity
google CWE-787
7.8
7.8
2019-11-13 CVE-2019-2206 Out-of-bounds Write vulnerability in Google Android
In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
8.8
8.8
2019-11-13 CVE-2019-2203 Out-of-bounds Write vulnerability in Google Android
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
7.8
2019-11-13 CVE-2019-2202 Out-of-bounds Write vulnerability in Google Android 10.0/9.0
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow.
local
low complexity
google CWE-787
7.8
7.8
2019-11-13 CVE-2019-2201 Out-of-bounds Write vulnerability in multiple products
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google canonical CWE-787
7.8
7.8
2019-11-13 CVE-2019-2195 SQL Injection vulnerability in Google Android
In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation.
local
low complexity
google CWE-89
7.8
7.8
2019-11-13 CVE-2019-2193 Improper Privilege Management vulnerability in Google Android
In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client.
local
low complexity
google CWE-269
7.8
7.8