Vulnerabilities > Google > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-15 | CVE-2020-27034 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 11.0 In createSimSelectNotification of SimSelectNotification.java, there is a possible permission bypass due to an unsafe PendingIntent. | 2.1 |
| 2020-12-15 | CVE-2020-27035 | Improper Locking vulnerability in Google Android 11.0 In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. | 2.1 |
| 2020-12-15 | CVE-2020-8936 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. | 2.1 |
| 2020-12-15 | CVE-2020-8937 | Out-of-bounds Write vulnerability in Google Asylo An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLocalMemcpy, which fails to validate where the pointer is located. | 2.1 |
| 2020-12-15 | CVE-2020-8938 | Out-of-bounds Write vulnerability in Google Asylo An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to FromkLinuxSockAddr with attacker controlled content and size of klinux_addr which allows an attacker to write memory values from within the enclave. | 2.1 |
| 2020-12-15 | CVE-2020-8939 | Out-of-bounds Read vulnerability in Google Asylo An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. | 2.1 |
| 2020-12-15 | CVE-2020-8940 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_recvmsg using an attacker controlled result parameter. | 2.1 |
| 2020-12-15 | CVE-2020-8941 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_inet_pton using an attacker controlled klinux_addr_buffer parameter. | 2.1 |
| 2020-12-15 | CVE-2020-8942 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_read whose return size was not validated against the requrested size. | 2.1 |
| 2020-12-15 | CVE-2020-8943 | Out-of-bounds Read vulnerability in Google Asylo An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_recvfrom whose return size was not validated against the requested size. | 2.1 |