Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-19 | CVE-2023-21093 | Path Traversal vulnerability in Google Android In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. | 7.8 |
| 2023-04-19 | CVE-2023-21094 | Missing Authorization vulnerability in Google Android In sanitize of LayerState.cpp, there is a possible way to take over the screen display and swap the display content due to a missing permission check. | 7.8 |
| 2023-04-19 | CVE-2023-21097 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. | 7.8 |
| 2023-04-19 | CVE-2023-21098 | Unspecified vulnerability in Google Android In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. | 7.8 |
| 2023-04-19 | CVE-2023-21099 | Unspecified vulnerability in Google Android In multiple methods of PackageInstallerSession.java, there is a possible way to start foreground services from the background due to a logic error in the code. | 7.8 |
| 2023-04-19 | CVE-2023-21100 | Out-of-bounds Write vulnerability in Google Android 12.0/12.1/13.0 In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. | 7.8 |
| 2023-04-19 | CVE-2023-2133 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-04-19 | CVE-2023-2134 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-04-19 | CVE-2023-2135 | Use After Free vulnerability in multiple products Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. | 7.5 |
| 2023-04-19 | CVE-2023-2137 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |