Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-15 | CVE-2023-21126 | Unspecified vulnerability in Google Android 13.0 In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, there is a possible launch arbitrary activity under SysUI due to Unsafe Intent. | 7.8 |
| 2023-06-15 | CVE-2023-21127 | Use of Uninitialized Resource vulnerability in Google Android In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. | 8.8 |
| 2023-06-15 | CVE-2023-21128 | Unspecified vulnerability in Google Android In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. | 7.8 |
| 2023-06-15 | CVE-2023-21129 | Unspecified vulnerability in Google Android In getFullScreenIntentDecision of NotificationInterruptStateProviderImpl.java, there is a possible activity launch while the app is in the background due to a BAL bypass. | 7.8 |
| 2023-06-15 | CVE-2023-21131 | Unspecified vulnerability in Google Android In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. | 7.8 |
| 2023-06-15 | CVE-2023-21135 | Improper Input Validation vulnerability in Google Android In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. | 7.8 |
| 2023-06-15 | CVE-2023-21138 | Improper Input Validation vulnerability in Google Android In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. | 7.8 |
| 2023-06-15 | CVE-2023-21139 | Unspecified vulnerability in Google Android 13.0 In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. | 7.8 |
| 2023-06-15 | CVE-2023-21144 | Unspecified vulnerability in Google Android In doInBackground of NotificationContentInflater.java, there is a possible temporary denial or service due to long running operations. | 7.5 |
| 2023-06-14 | CVE-2023-2976 | Files or Directories Accessible to External Parties vulnerability in Google Guava Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows. | 7.1 |