Android@11.0 Security Vulnerabilities and Issues — Android@11.0 CVE List

Lucene search

SamsungAndroid11.0

137 matches found

CVE•added 2021/03/04 9:15 p.m.•650 views

CVE-2021-25337

Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files.

7.1CVSS6.7AI score0.00349EPSS

CVE•added 2021/03/26 7:15 p.m.•639 views

CVE-2021-25370

An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.

6.1CVSS5AI score0.00879EPSS

CVE•added 2023/05/04 9:15 p.m.•539 views

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.

4.4CVSS4.9AI score0.00494EPSS

CVE•added 2021/03/26 7:15 p.m.•412 views

CVE-2021-25372

An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.

7.2CVSS6.7AI score0.01872EPSS

CVE•added 2021/03/26 7:15 p.m.•405 views

CVE-2021-25371

A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.

7.2CVSS6.8AI score0.02521EPSS

CVE•added 2021/10/06 6:15 p.m.•397 views

CVE-2021-25489

Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.

5.5CVSS5.6AI score0.00289EPSS

CVE•added 2021/10/06 6:15 p.m.•395 views

CVE-2021-25487

Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.

7.8CVSS8AI score0.00926EPSS

CVE•added 2021/06/11 3:15 p.m.•385 views

CVE-2021-25394

A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.

6.4CVSS6.8AI score0.00927EPSS

CVE•added 2021/06/11 3:15 p.m.•381 views

CVE-2021-25395

A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised.

6.4CVSS6.5AI score0.00276EPSS

CVE•added 2024/02/06 3:15 a.m.•93 views

CVE-2024-20819

Out-of-bounds Write vulnerabilities in svc1td_vld_plh_ap of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.

7.8CVSS7.6AI score0.00076EPSS

CVE•added 2024/03/05 5:15 a.m.•74 views

CVE-2024-20832

Heap overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.

6.7CVSS6.7AI score0.00058EPSS

CVE•added 2024/03/05 5:15 a.m.•70 views

CVE-2024-20831

Stack overflow in Little Kernel in bootloader prior to SMR Mar-2024 Release 1 allows local privileged attackers to execute arbitrary code.

6.7CVSS6.7AI score0.00062EPSS

CVE•added 2024/01/04 1:15 a.m.•64 views

CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.

5.5CVSS5.4AI score0.00096EPSS

CVE•added 2024/02/06 3:15 a.m.•63 views

CVE-2024-20820

Improper input validation in bootloader prior to SMR Feb-2024 Release 1 allows local privileged attackers to cause an Out-Of-Bounds read.

7.1CVSS6.6AI score0.00016EPSS

CVE•added 2024/02/06 3:15 a.m.•62 views

CVE-2024-20818

Out-of-bounds Write vulnerabilities in svc1td_vld_elh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.

7.8CVSS7.6AI score0.00076EPSS

CVE•added 2023/11/07 8:15 a.m.•56 views

CVE-2023-42536

An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.

8.4CVSS7.3AI score0.00073EPSS

CVE•added 2024/02/06 3:15 a.m.•56 views

CVE-2024-20817

Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow.

7.8CVSS7.6AI score0.00076EPSS

CVE•added 2023/10/04 4:15 a.m.•55 views

CVE-2023-30690

Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.

8.5CVSS7.3AI score0.00044EPSS

CVE•added 2024/03/05 5:15 a.m.•55 views

CVE-2024-20830

Incorrect default permission in AppLock prior to SMR MAr-2024 Release 1 allows local attackers to configure AppLock settings.

5.3CVSS5.1AI score0.00063EPSS

CVE•added 2024/01/04 1:15 a.m.•54 views

CVE-2024-20805

Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file.

5.5CVSS5.4AI score0.00069EPSS

CVE•added 2024/02/06 3:15 a.m.•53 views

CVE-2024-20814

Out-of-bounds Read in padmd_vld_ac_prog_refine of libpadm.so prior to SMR Feb-2024 Release 1 allows local attackers access unauthorized information.

5.5CVSS5.3AI score0.00053EPSS

CVE•added 2023/11/07 8:15 a.m.•52 views

CVE-2023-42537

An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.

8.4CVSS7.3AI score0.00073EPSS

CVE•added 2023/10/04 4:15 a.m.•51 views

CVE-2023-30692

Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.

8.5CVSS7.3AI score0.00108EPSS

CVE•added 2024/03/05 5:15 a.m.•51 views

CVE-2024-20836

Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory.

5.5CVSS3.9AI score0.0007EPSS

CVE•added 2023/02/09 7:15 p.m.•50 views

CVE-2023-21422

Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR Jan-2023 Release 1 allows attackers to set custom DNS server without permission via binding WifiService.

5.7CVSS5.4AI score0.00047EPSS

CVE•added 2023/08/10 2:15 a.m.•50 views

CVE-2023-30688

Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00029EPSS

CVE•added 2024/03/05 5:15 a.m.•50 views

CVE-2024-20834

The sensitive information exposure vulnerability in WlanTest prior to SMR Mar-2024 Release 1 allows local attackers to access MAC address without proper permission.

3.3CVSS3.7AI score0.00081EPSS

CVE•added 2023/02/09 7:15 p.m.•49 views

CVE-2023-21424

Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper prior to SMR Jan-2023 Release 1 allows attacker to modify network related values, network code, carrier id and operator brand.

5.1CVSS4.1AI score0.00029EPSS

CVE•added 2023/03/16 9:15 p.m.•49 views

CVE-2023-21459

Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault.

9.8CVSS9.4AI score0.00062EPSS

CVE•added 2023/02/09 7:15 p.m.•48 views

CVE-2023-21436

Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID.

3.3CVSS4.1AI score0.00088EPSS

CVE•added 2023/02/09 7:15 p.m.•48 views

CVE-2023-21437

Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows local attackers to access sensitive information via implicit broadcast.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2023/11/07 8:15 a.m.•48 views

CVE-2023-42538

An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.

7.8CVSS7.3AI score0.00066EPSS

CVE•added 2024/03/05 5:15 a.m.•48 views

CVE-2024-20835

Improper access control vulnerability in CustomFrequencyManagerService prior to SMR Mar-2024 Release 1 allows local attackers to execute privileged behaviors.

7.8CVSS4.5AI score0.0007EPSS

CVE•added 2023/02/09 7:15 p.m.•47 views

CVE-2023-21427

Improper access control vulnerability in NfcTile prior to SMR Jan-2023 Release 1 allows to attacker to use NFC without user recognition.

6.5CVSS6.3AI score0.00051EPSS

CVE•added 2023/03/16 9:15 p.m.•47 views

CVE-2023-21456

Path traversal vulnerability in Galaxy Themes Service prior to SMR Mar-2023 Release 1 allows attacker to access arbitrary file with system uid.

9CVSS5.5AI score0.00111EPSS

CVE•added 2023/03/16 9:15 p.m.•47 views

CVE-2023-21460

Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset the setting.

4.4CVSS4.8AI score0.00041EPSS

CVE•added 2023/08/10 2:15 a.m.•47 views

CVE-2023-30697

An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

7.8CVSS7.4AI score0.00028EPSS

CVE•added 2023/11/07 8:15 a.m.•47 views

CVE-2023-42531

Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local attackers to bypass restrictions on starting activities from the background.

7.1CVSS6.7AI score0.00016EPSS

CVE•added 2024/02/06 3:15 a.m.•47 views

CVE-2024-20811

Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer.

5.1CVSS4AI score0.00047EPSS

CVE•added 2024/05/07 5:15 a.m.•46 views

CVE-2024-20862

Out-of-bounds write in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to execute arbitrary code.

6.7CVSS7.2AI score0.00041EPSS

CVE•added 2023/08/10 2:15 a.m.•45 views

CVE-2023-30693

Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00008EPSS

CVE•added 2023/02/09 7:15 p.m.•44 views

CVE-2023-21438

Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical attacker to access App preview protected by Secure Folder.

2.4CVSS3.7AI score0.00084EPSS

CVE•added 2023/02/09 7:15 p.m.•44 views

CVE-2023-21441

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12) allows local attacker to access protected files via unused code.

7.4CVSS5.2AI score0.00042EPSS

CVE•added 2023/03/16 9:15 p.m.•44 views

CVE-2023-21458

Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent.

6.2CVSS4.1AI score0.00055EPSS

CVE•added 2023/08/10 2:15 a.m.•44 views

CVE-2023-30685

Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mode.

4.3CVSS4AI score0.00064EPSS

CVE•added 2023/09/06 4:15 a.m.•44 views

CVE-2023-30708

Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status.

7.5CVSS7.5AI score0.00254EPSS

CVE•added 2023/10/04 4:15 a.m.•44 views

CVE-2023-30727

Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction.

7.5CVSS7.5AI score0.00094EPSS

CVE•added 2023/08/10 2:15 a.m.•43 views

CVE-2023-30681

An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write.

7.8CVSS7.4AI score0.00028EPSS

CVE•added 2023/08/10 2:15 a.m.•43 views

CVE-2023-30691

Parcel mismatch in AuthenticationConfig prior to SMR Aug-2023 Release 1 allows local attacker to privilege escalation.

8.4CVSS7.4AI score0.00049EPSS

CVE•added 2023/08/10 2:15 a.m.•43 views

CVE-2023-30694

Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code.

7.8CVSS7.7AI score0.00029EPSS

Total number of security vulnerabilities137