Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-01 | CVE-2024-39428 | Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0 In trusty service, there is a possible out of bounds write due to a missing bounds check. | 4.4 |
| 2024-07-01 | CVE-2024-39429 | Out-of-bounds Write vulnerability in Google Android 12.0 In faceid servive, there is a possible out of bounds write due to a missing bounds check. | 6.2 |
| 2024-07-01 | CVE-2024-39430 | Out-of-bounds Write vulnerability in Google Android 12.0 In faceid servive, there is a possible out of bounds write due to a missing bounds check. | 6.2 |
| 2024-07-01 | CVE-2024-20079 | Out-of-bounds Write vulnerability in Google Android 13.0/14.0 In gnss service, there is a possible out of bounds write due to improper input validation. | 6.7 |
| 2024-07-01 | CVE-2024-20081 | Out-of-bounds Write vulnerability in multiple products In gnss service, there is a possible out of bounds write due to improper input validation. | 6.7 |
| 2024-06-26 | CVE-2024-38271 | Improper Resource Shutdown or Release vulnerability in Google Nearby There exists a vulnerability in Quick Share/Nearby, where an attacker can force a victim to stay connected to a temporary hotspot created for the sharing. | 4.8 |
| 2024-06-26 | CVE-2024-38272 | Authentication Bypass by Capture-replay vulnerability in Google Nearby There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode. We recommend upgrading to version 1.0.1724.0 of Quick Share or above | 4.3 |
| 2024-06-13 | CVE-2024-29778 | Out-of-bounds Read vulnerability in Google Android In ProtocolPsDedicatedBearInfoAdapter::processQosSession of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. | 4.7 |
| 2024-06-13 | CVE-2024-29780 | Use of Uninitialized Resource vulnerability in Google Android In hwbcc_ns_deprivilege of trusty/user/base/lib/hwbcc/client/hwbcc.c, there is a possible uninitialized stack data disclosure due to uninitialized data. | 5.5 |
| 2024-06-13 | CVE-2024-29785 | Use of Uninitialized Resource vulnerability in Google Android In aur_get_state of aurora.c, there is a possible information disclosure due to uninitialized data. | 5.5 |