|
201311
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In getDeviceIdWithFeature of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-1005
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201312
|
7.8 |
HIGH
Local
|
google
|
android
|
In getConfiguredNetworks of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to lo…
|
CWE-862
Missing Authorization
|
CVE-2021-1004
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201313
|
7.8 |
HIGH
Local
|
google
|
android
|
In adjustStreamVolume of AudioService.java, there is a possible way for unprivileged app to change audio stream volume due to a confused deputy. This could lead to local escalation of privilege with …
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2021-1003
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201314
|
7.5 |
HIGH
Network
|
google
|
android
|
In WT_Interpolate of eas_wtengine.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges nee…
|
CWE-125
Out-of-bounds Read
|
CVE-2021-1002
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201315
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges …
|
CWE-125
Out-of-bounds Read
|
CVE-2021-1001
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201316
|
7.8 |
HIGH
Local
|
google
|
android
|
In the broadcast definition in AndroidManifest.xml, there is a possible way to set the A2DP bluetooth device connection state due to a missing permission check. This could lead to local escalation of…
|
CWE-862
Missing Authorization
|
CVE-2021-0999
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201317
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In 'ih264e_find_bskip_params()' of ih264e_me.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution priv…
|
CWE-125
Out-of-bounds Read
|
CVE-2021-0998
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201318
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In handleUpdateNetworkState of GnssNetworkConnectivityHandler.java , there is a possible APN disclosure due to log information disclosure. This could lead to local information disclosure with no addi…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-0997
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201319
|
4.5 |
MEDIUM
Adjacent
|
google
|
android
|
In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over NFC with System execution privileg…
|
CWE-125
Out-of-bounds Read
|
CVE-2021-0996
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201320
|
3.3 |
LOW
Local
|
google
|
android
|
In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information dis…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-0995
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
