Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-11 CVE-2023-35658 Use After Free vulnerability in Google Android
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free.
low complexity
google CWE-416
8.8
8.8
2023-09-11 CVE-2023-35665 Missing Authorization vulnerability in Google Android
In multiple files, there is a possible way to import a contact from another user due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8
2023-09-11 CVE-2023-35666 Use After Free vulnerability in Google Android
In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code.
local
low complexity
google CWE-416
7.8
7.8
2023-09-11 CVE-2023-35667 Unspecified vulnerability in Google Android
In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a logic error in the code.
local
low complexity
google
7.8
7.8
2023-09-11 CVE-2023-35669 Deserialization of Untrusted Data vulnerability in Google Android
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization.
local
low complexity
google CWE-502
7.8
7.8
2023-09-11 CVE-2023-35670 Path Traversal vulnerability in Google Android
In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error.
local
low complexity
google CWE-22
7.8
7.8
2023-09-11 CVE-2023-35673 Integer Overflow or Wraparound vulnerability in Google Android
In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an integer overflow.
low complexity
google CWE-190
8.8
8.8
2023-09-11 CVE-2023-35674 Unspecified vulnerability in Google Android
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code.
local
low complexity
google
7.8
7.8
2023-09-11 CVE-2023-35676 Unspecified vulnerability in Google Android 12.0/12.1/13.0
In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafe PendingIntent.
local
low complexity
google
7.8
7.8
2023-09-11 CVE-2023-35682 Unspecified vulnerability in Google Android
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy.
local
low complexity
google
7.8
7.8