Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:15 a.m.5 views

CVE-2021-0966

In code generated by BuildParcelFields of generatecpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. This could lead to local information disclosure across Binder transactions with no additional execution...

5.5CVSS5.7AI score0.00111EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-3585

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00111EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.5 views

The vulnerability of the binder_txns_pending_ilocked() function in the drivers/android/binder.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the bindertxnspendingilocked function in the drivers/android/binder.c module of the Linux operating system’s kernel is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to compromise the confidentiality,...

7CVSS6.5AI score0.00149EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2022/04/22 12:0 a.m.8 views

PT-2022-1385

Name of the Vulnerable Software and Affected Versions Android kernel Description The issue is related to a possible use after free due to improper input validation in the binder transaction buffer release of binder.c. This could lead to local escalation of privilege with no additional execution...

8.1CVSS6.9AI score0.00332EPSS
Exploits1References135
CNVD
CNVD
added 2021/12/22 12:0 a.m.16 views

Google Android Information Disclosure Vulnerability (CNVD-2021-101960)

Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that can be exploited by attackers to cause local information disclosure across Binder transactions without additional execution privileges...

5.5CVSS4.3AI score0.00111EPSS
Exploits0References1
OSV
OSV
added 2021/12/15 7:15 p.m.2 views

CVE-2021-0966

In code generated by BuildParcelFields of generatecpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. This could lead to local information disclosure across Binder transactions with no additional execution...

5.5CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2021/12/15 7:15 p.m.15 views

CVE-2021-0966

In code generated by BuildParcelFields of generatecpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. This could lead to local information disclosure across Binder transactions with no additional execution...

5.5CVSS0.00111EPSS
Exploits0References1
Prion
Prion
added 2021/12/15 7:15 p.m.14 views

Information disclosure

In code generated by BuildParcelFields of generatecpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. This could lead to local information disclosure across Binder transactions with no additional execution...

2.1CVSS5.6AI score0.00111EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/12/15 6:5 p.m.114 views

CVE-2021-0966

CVE-2021-0966 affects Android 11 and 12. It arises from BuildParcelFields in generate_cpp.cpp, allowing a crafted parcelable to reveal uninitialized memory in a target process and cause local information disclosure across Binder transactions without extra privileges or user interaction. Impact is...

5.5CVSS5.3AI score0.00111EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/12/06 12:0 a.m.5 views

Google Android 信息泄露漏洞

Google Android is a Linux-based open source operating system from Google, Inc. Google Android is vulnerable to an information disclosure vulnerability that can be exploited by attackers to cause local information disclosure across Binder transactions without additional execution privileges...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References4
OSV
OSV
added 2021/12/01 12:0 a.m.25 views

ASB-A-198346478

In code generated by BuildParcelFields of generatecpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. This could lead to local information disclosure across Binder transactions with no additional execution...

5.5CVSS5.3AI score0.00111EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.18 views

Calling getpidcon for One Way Binder Transactions Returns Wrong Security Context

The servicemanager, keystore and drmserver all use getpidcon function to get the security context of the caller from a binder. When combined with a one way binder transaction this results in getting the security context of the current process which might allow a selinux mac bypass. Recent...

2.7AI score
Exploits0References1
OSV
OSV
added 2019/04/30 6:29 p.m.4 views

UBUNTU-CVE-2018-20510

The printbindertransactionilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "from code flags" lines in a debugfs file...

5.5CVSS6.4AI score0.0041EPSS
Exploits0References3
Rows per page
Query Builder