Lucene search
K

952 matches found

Cvelist
Cvelist
added 2021/07/14 1:46 p.m.13 views

CVE-2021-0587

In StreamOut::prepareForWriting of StreamOut.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1...

8AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/14 1:46 p.m.21 views

CVE-2021-0586

In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.9AI score0.00298EPSS
Exploits0References1
CVE
CVE
added 2021/07/14 1:46 p.m.122 views

CVE-2021-0586

CVE-2021-0586 describes a tapjacking/overlay flaw in DevicePickerFragment.java on Android 8.1–11 that could trick users into selecting a Bluetooth device, enabling local escalation of privilege with no extra execution privileges required. The initial description notes user interaction is needed f...

7.8CVSS7.6AI score0.00298EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/14 1:45 p.m.17 views

CVE-2021-0596

In phNciNfcRecvMfResp of phNxpExtnsMifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

7.3AI score0.01117EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/14 1:45 p.m.24 views

CVE-2021-0601

In encodeFrames of avcencfuzzer.cpp, there is a possible out of bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

5.5AI score0.00131EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/14 1:45 p.m.17 views

CVE-2021-0604

In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

5.4AI score0.00144EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/14 1:44 p.m.17 views

CVE-2021-0588

In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.4AI score0.00131EPSS
Exploits0References1
CVE
CVE
added 2021/07/14 1:44 p.m.120 views

CVE-2021-0594

CVE-2021-0594 affects Android: In ConfirmConnectActivity.onCreate, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege by deceiving a user into allowing a Bluetooth connection with no additional exec...

8CVSS8AI score0.01393EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/14 1:43 p.m.15 views

CVE-2021-0515

In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

9.5AI score0.01436EPSS
Exploits0References1
CVE
CVE
added 2021/07/14 1:43 p.m.143 views

CVE-2021-0515

CVE-2021-0515 : In Android, there is an out-of-bounds write due to an incorrect bounds check in Factory::CreateStrictFunctionMap (factory.cc). This can cause remote code execution in an unprivileged process with no additional privileges and without user interaction. Affected: Android versions 8.1...

10CVSS9.3AI score0.01436EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/07/14 1:43 p.m.21 views

CVE-2020-0417

In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

8AI score0.00137EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/06/23 12:0 a.m.41 views

Amazon Linux 2 : wpa_supplicant (ALAS-2021-1648)

The version of wpasupplicant installed on the remote host is prior to 2.6-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1648 advisory. In p2pcopyclientinfo of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remot...

7.9CVSS8.2AI score0.04707EPSS
Exploits1References3
Amazon
Amazon
added 2021/06/23 12:0 a.m.31 views

Medium: wpa_supplicant

Issue Overview: In p2pcopyclientinfo of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed f...

7.9CVSS8.2AI score0.04707EPSS
Exploits1
NVD
NVD
added 2021/06/21 5:15 p.m.22 views

CVE-2021-0478

In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for...

7.8CVSS0.00253EPSS
Exploits0References1
NVD
NVD
added 2021/06/21 5:15 p.m.21 views

CVE-2021-0506

In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...

7.3CVSS0.00282EPSS
Exploits0References1
NVD
NVD
added 2021/06/21 5:15 p.m.54 views

CVE-2021-0522

In ConnectionHandler::SdpCb of connectionhandler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-1...

7.5CVSS0.01383EPSS
Exploits0References1
NVD
NVD
added 2021/06/21 5:15 p.m.20 views

CVE-2021-0516

In p2pprocessprovdiscreq of p2ppd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

9.8CVSS0.01556EPSS
Exploits0References1
NVD
NVD
added 2021/06/21 5:15 p.m.23 views

CVE-2021-0513

In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is n...

7.8CVSS0.00199EPSS
Exploits0References1
NVD
NVD
added 2021/06/21 5:15 p.m.27 views

CVE-2021-0511

In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

7.8CVSS0.00217EPSS
Exploits0References1
NVD
NVD
added 2021/06/21 5:15 p.m.17 views

CVE-2021-0510

In decrypt12 of CryptoPlugin.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10...

7.8CVSS0.00218EPSS
Exploits0References1
Rows per page
Query Builder