Vulnerabilities > Google > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2022-20055 Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0
In preloader (usb), there is a possible out of bounds write due to a missing bounds check.
low complexity
google CWE-787
6.8
6.8
2022-03-10 CVE-2022-20056 Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0
In preloader (usb), there is a possible out of bounds write due to a missing bounds check.
low complexity
google CWE-787
6.6
6.6
2022-03-10 CVE-2022-20057 Improper Handling of Exceptional Conditions vulnerability in Google Android 11.0/12.0
In btif, there is a possible memory corruption due to incorrect error handling.
local
low complexity
google CWE-755
6.5
6.5
2022-03-10 CVE-2022-20058 Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0
In preloader (usb), there is a possible out of bounds write due to a missing bounds check.
low complexity
google CWE-787
6.6
6.6
2022-03-10 CVE-2022-20059 Out-of-bounds Write vulnerability in Google Android 10.0/11.0/12.0
In preloader (usb), there is a possible out of bounds write due to a missing bounds check.
low complexity
google CWE-787
6.6
6.6
2022-03-10 CVE-2022-20060 Missing Authentication for Critical Function vulnerability in Google Android 10.0/11.0/12.0
In preloader (usb), there is a possible permission bypass due to a missing proper image authentication.
low complexity
google CWE-306
6.6
6.6
2022-02-25 CVE-2022-0247 Incorrect Permission Assignment for Critical Resource vulnerability in Google Fuchsia 4.1/4.1.1/4.1.2
An issue exists in Fuchsia where VMO data can be modified through access to copy-on-write snapshots.
local
low complexity
google CWE-732
5.5
5.5
2022-02-25 CVE-2022-25326 Resource Exhaustion vulnerability in Google Fscrypt
fscrypt through v0.3.2 creates a world-writable directory by default when setting up a filesystem, allowing unprivileged users to exhaust filesystem space.
local
low complexity
google CWE-400
5.5
5.5
2022-02-25 CVE-2022-25327 Incorrect Default Permissions vulnerability in Google Fscrypt
The PAM module for fscrypt doesn't adequately validate fscrypt metadata files, allowing users to create malicious metadata files that prevent other users from logging in.
local
low complexity
google CWE-276
5.5
5.5
2022-02-12 CVE-2022-0291 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
network
low complexity
google
6.5
6.5