Vulnerabilities > Google > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-10 | CVE-2020-8919 | Incorrect Authorization vulnerability in Google Gerrit An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of priviledges to read all other user's personal account data as well as sub-trees with restricted access. | 2.7 |
| 2020-12-10 | CVE-2020-8920 | Unspecified vulnerability in Google Gerrit An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where an overoptimization with the FilteredRepository wrapper skips the verification of access on All-Users repositories, allowing an attacker to get read access to all users' personal information associated with their accounts. low complexity google | 2.7 |
| 2020-11-10 | CVE-2020-0424 | Unspecified vulnerability in Google Android 10.0/11.0/9.0 In send_vc of res_send.cpp, there is a possible out of bounds read due to an incorrect bounds check. | 2.1 |
| 2020-11-10 | CVE-2020-0437 | Missing Authorization vulnerability in Google Android In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a missing permission check. | 2.1 |
| 2020-11-10 | CVE-2020-0443 | Improper Check for Unusual or Exceptional Conditions vulnerability in Google Android In LocaleList of LocaleList.java, there is a possible forced reboot due to an uncaught exception. | 2.1 |
| 2020-11-10 | CVE-2020-0448 | Incorrect Default Permissions vulnerability in Google Android In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. | 2.1 |
| 2020-11-10 | CVE-2020-0453 | Incorrect Default Permissions vulnerability in Google Android 8.0/8.1/9.0 In updateNotification of BeamTransferManager.java, there is a possible permission bypass due to an unsafe PendingIntent. | 2.1 |
| 2020-11-10 | CVE-2020-0454 | Missing Authorization vulnerability in Google Android 9.0 In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass due to a missing permission check. | 2.1 |
| 2020-10-14 | CVE-2020-0410 | Incorrect Default Permissions vulnerability in Google Android In setNotification of SapServer.java, there is a possible permission bypass due to a PendingIntent error. | 2.1 |
| 2020-10-14 | CVE-2020-0412 | Incorrect Default Permissions vulnerability in Google Android In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. | 2.1 |