PT-2022-9144 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 9 through 12 Description: The issue concerns a broadcast sent by DevicePickerFragment when a new device is paired, lacking permission checks. This allows any app to register and listen for the broadcast, enabling them to trac...

PT-2022-10931 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-9 through Android-12 Description: The issue is related to an incorrect bounds check in the doRead function of SimpleDecodingSource.cpp, which could lead to a possible out of bounds write. This might result in remote...

CVE-2021-0971

In MPEG4Source::read of MPEG4Extractor.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...

PT-2021-13362 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 9 through 12 Description: The issue is related to improper input validation in the onCreate method of certain activities, allowing HTML tags to interfere with a consent dialog. This could lead to remote escalation of privileg...