Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-20488 | Improper Validation of Specified Quantity in Input vulnerability in Google Android In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2022-12-13 | CVE-2022-20491 | Improper Validation of Specified Quantity in Input vulnerability in Google Android In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. | 7.8 |
| 2022-12-13 | CVE-2022-20495 | Unspecified vulnerability in Google Android In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. | 7.8 |
| 2022-12-13 | CVE-2022-20501 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. | 7.3 |
| 2022-12-13 | CVE-2022-20611 | Incorrect Default Permissions vulnerability in Google Android In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. | 7.8 |
| 2022-12-13 | CVE-2022-29580 | Path Traversal vulnerability in Google Search There exists a path traversal vulnerability in the Android Google Search app. | 7.8 |
| 2022-12-12 | CVE-2022-3509 | Unspecified vulnerability in Google Protobuf-Java and Protobuf-Javalite A parsing issue similar to CVE-2022-3171, but with textformat in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. | 7.5 |
| 2022-12-12 | CVE-2022-3510 | Unspecified vulnerability in Google Protobuf-Java and Protobuf-Javalite A parsing issue similar to CVE-2022-3171, but with Message-Type Extensions in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. | 7.5 |
| 2022-12-08 | CVE-2022-39907 | Integer Overflow or Wraparound vulnerability in Google Android Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | 7.8 |
| 2022-12-08 | CVE-2022-39908 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write. | 7.4 |