Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-28 CVE-2023-21225 Incorrect Authorization vulnerability in Google Android
there is a possible way to bypass the protected confirmation screen due to Failure to lock display power.
local
low complexity
google CWE-863
7.8
7.8
2023-06-28 CVE-2023-21226 Out-of-bounds Read vulnerability in Google Android
In SAEMM_RetrieveTaiList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to an incorrect bounds check.
network
low complexity
google CWE-125
7.5
7.5
2023-06-26 CVE-2023-3420 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian CWE-843
8.8
8.8
2023-06-26 CVE-2023-3421 Use After Free vulnerability in multiple products
Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian CWE-416
8.8
8.8
2023-06-26 CVE-2023-3422 Use After Free vulnerability in multiple products
Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian CWE-416
8.8
8.8
2023-06-15 CVE-2023-21101 Use After Free vulnerability in Google Android
In multiple functions of WVDrmPlugin.cpp, there is a possible use after free due to a race condition.
local
high complexity
google CWE-416
7.0
7.0
2023-06-15 CVE-2023-21108 Use After Free vulnerability in Google Android
In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free.
low complexity
google CWE-416
8.8
8.8
2023-06-15 CVE-2023-21115 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Google Android 11.0/12.0/12.1
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto.
low complexity
google CWE-327
8.8
8.8
2023-06-15 CVE-2023-21120 Improper Locking vulnerability in Google Android
In multiple functions of cdm_engine.cpp, there is a possible use-after-free due to improper locking.
local
low complexity
google CWE-667
7.8
7.8
2023-06-15 CVE-2023-21121 Improper Input Validation vulnerability in Google Android 11.0/12.0
In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting a previously connected VPN due to improper input validation.
local
low complexity
google CWE-20
7.8
7.8