Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-26 | CVE-2023-20913 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. | 7.8 |
| 2023-01-26 | CVE-2023-20915 | Always-Incorrect Control Flow Implementation vulnerability in Google Android In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. | 7.8 |
| 2023-01-26 | CVE-2023-20916 | Missing Authorization vulnerability in Google Android 12.0/12.1 In getMainActivityLaunchIntent of LauncherAppsService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a missing permission check. | 7.8 |
| 2023-01-26 | CVE-2023-20919 | Unspecified vulnerability in Google Android 13.0 In getStringsForPrefix of Settings.java, there is a possible prevention of package uninstallation due to a logic error in the code. | 7.8 |
| 2023-01-26 | CVE-2023-20920 | Use After Free vulnerability in Google Android In queue of UsbRequest.java, there is a possible way to corrupt memory due to a use after free. | 7.8 |
| 2023-01-26 | CVE-2023-20921 | Always-Incorrect Control Flow Implementation vulnerability in Google Android In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically grant accessibility services due to a logic error in the code. | 7.3 |
| 2023-01-26 | CVE-2023-20925 | Use After Free vulnerability in Google Android In setUclampMinLocked of PowerSessionManager.cpp, there is a possible way to corrupt memory due to a use after free. | 7.8 |
| 2023-01-26 | CVE-2023-20928 | Improper Locking vulnerability in Google Android In binder_vma_close of binder.c, there is a possible use after free due to improper locking. | 7.8 |
| 2023-01-26 | CVE-2022-20456 | Allocation of Resources Without Limits or Throttling vulnerability in Google Android In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2023-01-26 | CVE-2022-20461 | Type Confusion vulnerability in Google Android In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of bounds read due to type confusion. | 7.8 |