Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-15 | CVE-2021-0904 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android In SRAMROM, there is a possible permission bypass due to an insecure permission setting. | 6.7 |
| 2021-12-15 | CVE-2021-0919 | Integer Overflow or Wraparound vulnerability in Google Android 10.0/11.0/9.0 In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. | 5.0 |
| 2021-12-15 | CVE-2021-0920 | Use After Free vulnerability in multiple products In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. | 6.4 |
| 2021-12-15 | CVE-2021-0931 | Unspecified vulnerability in Google Android In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. | 5.5 |
| 2021-12-15 | CVE-2021-0952 | Unspecified vulnerability in Google Android In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. | 5.0 |
| 2021-12-15 | CVE-2021-0958 | Unspecified vulnerability in Google Android 11.0/12.0 In update of km_compat.cpp, there is a possible loss of potentially sensitive data due to a logic error in the code. | 4.4 |
| 2021-12-15 | CVE-2021-0961 | Missing Initialization of Resource vulnerability in Google Android In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. | 4.4 |
| 2021-12-15 | CVE-2021-0964 | Incorrect Conversion between Numeric Types vulnerability in Google Android In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. | 6.5 |
| 2021-12-15 | CVE-2021-0966 | Missing Initialization of Resource vulnerability in Google Android 11.0/12.0 In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. | 5.5 |
| 2021-12-15 | CVE-2021-0969 | Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0 In getTitle of AccessPoint.java, there is a possible unhandled exception due to a missing null check. | 6.5 |