1085 matches found
CVE-2021-39803
In Impl of C2AllocatorIon.cpp, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12...
CVE-2021-39799
In AttributionSource of AttributionSource.java, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-39798
In BitmapcreateFromParcel of Bitmap.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12...
CVE-2021-39797
In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-39805
In l2cbleprocesssigcmd of l2cble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Input validation
In createNotificationChannelGroup of PreferencesHelper.java, there is a possible way for a service to run in foreground without user notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
Out-of-bounds
In avrcctrlparsvendorrsp of avrcparsct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...
Out-of-bounds
In BitmapcreateFromParcel of Bitmap.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12...
CVE-2021-39796
In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...
Design/Logic Flaw
In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed...
Input validation
In AttributionSource of AttributionSource.java, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Privilege escalation
In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...
Out-of-bounds
In l2cbleprocesssigcmd of l2cble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Privilege escalation
In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-39809
CVE-2021-39809 affects Android platforms (Android 10–12, including 12L). The issue resides in avrc_ctrl_pars_vendor_rsp within avrc_pars_ct.cc, where a missing bounds check leads to an out-of-bounds read. This can cause remote information disclosure without requiring user interaction or additiona...
CVE-2021-39808
In CVE-2021-39808, the issue is in Android’s PreferencesHelper.java within createNotificationChannelGroup, where improper input validation can allow a service to run in the foreground without a user notification. This enables local elevation of privilege on Android 10–12, with no additional execu...
CVE-2021-39799
CVE-2021-39799 affects Android (Android-12, Android-12L) in the AttributionSource.java AttributionSource component. The issue is a local elevation of privilege due to improper input validation, enabling a potential permission bypass without extra execution privileges and without user interaction....
CVE-2021-39798
CVE-2021-39798 affects Google Android 12 and Android 12L. The flaw is in Bitmap_createFromParcel (Bitmap.cpp) where a missing bounds check enables arbitrary code execution, leading to local escalation of privileges with user-level rights and no user interaction required. Exploitation would occur ...
CVE-2021-39797
In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2021-39796
In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...