Lucene search
K

297 matches found

OSV
OSV
added 2021/07/14 2:15 p.m.6 views

CVE-2021-0601

In encodeFrames of avcencfuzzer.cpp, there is a possible out of bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

5.5CVSS6.2AI score0.00131EPSS
Exploits0References1
OSV
OSV
added 2021/07/08 2:15 p.m.8 views

CVE-2021-25439

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O8.1 and below, and 3.9.10.11 in Android P9.0 and above allows untrusted applications to cause arbitrary webpage loading in webview...

3.3CVSS5.9AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2021/06/21 5:15 p.m.7 views

CVE-2021-0478

In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for...

7.8CVSS5.9AI score0.00253EPSS
Exploits0References1
OSV
OSV
added 2021/06/21 5:15 p.m.2 views

CVE-2021-0522

In ConnectionHandler::SdpCb of connectionhandler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-1...

7.5CVSS7.2AI score0.01383EPSS
Exploits0References1
OSV
OSV
added 2021/06/21 5:15 p.m.3 views

CVE-2021-0511

In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

7.8CVSS5.9AI score0.00217EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/06/21 12:0 a.m.5 views

PT-2021-13161 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-9 through Android-11 Description: The issue is related to improper input validation in Dex2oat of dex2oat.cc, allowing for possible bytecode injection into an app. This could lead to local escalation of privilege with...

7.8CVSS7.8AI score0.00217EPSS
Exploits0References2
OSV
OSV
added 2021/06/11 5:15 p.m.4 views

CVE-2021-0476

In FindOrCreatePeer of btifav.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9...

7CVSS5.9AI score0.00183EPSS
Exploits0References1
OSV
OSV
added 2021/06/11 5:15 p.m.5 views

CVE-2021-0473

In rwt3tprocesserror of rwt3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11...

8.8CVSS7.8AI score0.00486EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/05/03 12:0 a.m.4 views

Google Android 资源管理错误漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Media Framework component of Google Android versions 8.1, 9, 10, and 11. No details of the vulnerability are...

7CVSS5.6AI score0.00168EPSS
Exploits0References5
OSV
OSV
added 2021/04/13 7:15 p.m.5 views

CVE-2021-0437

In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9...

7.8CVSS7.2AI score0.00242EPSS
Exploits0References1
OSV
OSV
added 2021/04/13 7:15 p.m.2 views

CVE-2021-0400

In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privilege...

5.5CVSS6.2AI score
Exploits0References1
OSV
OSV
added 2021/04/13 7:15 p.m.4 views

CVE-2021-0431

In avrcmsgcback of avrcapi.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.5CVSS7.2AI score0.01712EPSS
Exploits0References1
OSV
OSV
added 2021/04/13 7:15 p.m.4 views

CVE-2021-0429

In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11...

7.8CVSS5.9AI score0.00126EPSS
Exploits0References1
OSV
OSV
added 2021/04/09 6:15 p.m.1 views

CVE-2021-25377

Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P9.0 below, and 12.2.0.5 in Android Q10.0 above allows attacker to execute privileged action...

7.8CVSS7.2AI score
Exploits0References2
OSV
OSV
added 2021/04/09 6:15 p.m.4 views

CVE-2021-25381

Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P9.0 and below, and 12.1.1.3 in Android Q10.0 and above allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent...

7.8CVSS7.1AI score0.00213EPSS
Exploits0References2
OSV
OSV
added 2021/04/09 6:15 p.m.5 views

CVE-2021-25374

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O8.1 and below, and 3.9.00.9 in Android P9.0 and above allows remote attackers to access a user data related with Samsung Account...

7.5CVSS5.8AI score0.03072EPSS
Exploits0References2
OSV
OSV
added 2021/04/09 6:15 p.m.4 views

CVE-2021-25373

Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O8.x, 2.4.03.0 in Android P9.0, 2.7.02.1 in Android Q10.0 and 2.9.01.1 in Android R11.0 allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent...

7.8CVSS5.8AI score0.00213EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/04/05 12:0 a.m.4 views

Google Android 输入验证错误漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Framework component of Google Android 9, 10, and 11. No details of the vulnerability are provided at this time...

5.5CVSS5.6AI score0.00129EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/04/05 12:0 a.m.4 views

Google Android 安全漏洞

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the System component of Google Android 9, 11. No details of the vulnerability are provided at this time...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References5
OSV
OSV
added 2021/03/10 4:15 p.m.5 views

CVE-2021-0390

In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User...

7.8CVSS7.2AI score0.00238EPSS
Exploits0References1
Rows per page
Query Builder