Lucene search
K

952 matches found

NVD
NVD
added 2021/10/06 3:15 p.m.23 views

CVE-2021-0683

In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS0.00218EPSS
Exploits0References1
NVD
NVD
added 2021/10/06 3:15 p.m.17 views

CVE-2021-0688

In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8....

7CVSS0.00155EPSS
Exploits0References1
NVD
NVD
added 2021/10/06 3:15 p.m.22 views

CVE-2021-0684

In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

7.8CVSS0.00118EPSS
Exploits0References1
NVD
NVD
added 2021/10/06 3:15 p.m.15 views

CVE-2021-0689

In RGBtoBGR1portable of SkSwizzleropts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

5.5CVSS0.00115EPSS
Exploits0References1
NVD
NVD
added 2021/10/06 3:15 p.m.12 views

CVE-2021-0687

In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Androi...

5CVSS0.00113EPSS
Exploits0References1
Prion
Prion
added 2021/10/06 3:15 p.m.15 views

Design/Logic Flaw

In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...

4.6CVSS7.7AI score0.00198EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/06 3:15 p.m.14 views

Out-of-bounds

In RGBtoBGR1portable of SkSwizzleropts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

2.1CVSS5AI score0.00115EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/06 3:15 p.m.14 views

Design/Logic Flaw

In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...

2.1CVSS5.1AI score0.0011EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/06 3:15 p.m.16 views

Design/Logic Flaw

In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

4.4CVSS7.3AI score0.00115EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/06 3:15 p.m.12 views

Heap overflow

In ih264dmarkerrsliceskip of ih264dparsepslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9...

4.3CVSS6.4AI score0.00778EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/06 3:15 p.m.17 views

Input validation

In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Androi...

1.9CVSS5AI score0.00113EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/06 3:15 p.m.13 views

Out-of-bounds

In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

4.6CVSS7.7AI score0.00118EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/10/06 3:15 p.m.15 views

Race condition

In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8....

4.4CVSS7AI score0.00155EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/06 2:12 p.m.20 views

CVE-2021-0689

In RGBtoBGR1portable of SkSwizzleropts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

5.3AI score0.00115EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/10/06 2:11 p.m.16 views

CVE-2021-0687

In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Androi...

5.3AI score0.00113EPSS
Exploits0References1
CVE
CVE
added 2021/10/06 2:11 p.m.133 views

CVE-2021-0683

CVE-2021-0683 (Android) : In runTraceIpcStop of ActivityManagerShellCommand.java, a confused deputy can trigger deletion of system files, causing local escalation of privilege without additional execution privileges. Affected: Android 8.1, 9, 10, 11. CVSSv3.1 base score 7.8 (HIGH). Exploitation r...

7.8CVSS7.7AI score0.00218EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/06 2:11 p.m.27 views

CVE-2021-0690

In ih264dmarkerrsliceskip of ih264dparsepslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9...

6.7AI score0.00778EPSS
Exploits0References1
CVE
CVE
added 2021/10/06 2:11 p.m.112 views

CVE-2021-0598

CVE-2021-0598 refers to an Android vulnerability in ConfirmConnectActivity.java where tapping a dialog could allow a tapjacking/overlay attack to pair with untrusted Bluetooth devices, potentially enabling local privilege escalation. Affected products: Android versions 11, 10, 9, and 8.1. Root ca...

7.3CVSS7.3AI score0.00115EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/06 2:11 p.m.24 views

CVE-2021-0684

In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

8AI score0.00118EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/10/06 2:10 p.m.22 views

CVE-2021-0688

In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8....

7.2AI score0.00155EPSS
Exploits0References1
Rows per page
Query Builder