|
196111
|
7.8 |
HIGH
Local
|
google
|
android
|
In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privilege…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2021-1029
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196112
|
7.8 |
HIGH
Local
|
google
|
android
|
In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privilege…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2021-1028
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196113
|
7.8 |
HIGH
Local
|
google
|
android
|
In setTransactionState of SurfaceFlinger, there is possible arbitrary code execution in a privileged process due to improper casting. This could lead to local escalation of privilege with no addition…
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2021-1027
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196114
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In startRanging of RttServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to loc…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-1026
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196115
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead t…
|
CWE-862
Missing Authorization
|
CVE-2021-1025
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196116
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy. This could lead to local escalation of privilege with System execution privileges nee…
|
NVD-CWE-Other
|
CVE-2021-1024
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196117
|
5.0 |
MEDIUM
Local
|
google
|
android
|
In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This co…
|
CWE-200
Information Exposure
|
CVE-2021-1023
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196118
|
7.5 |
HIGH
Network
|
google
|
android
|
In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. This could lead to remote denial of service with no additional executio…
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-1022
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196119
|
7.3 |
HIGH
Local
|
google
|
android
|
In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalatio…
|
CWE-20
Improper Input Validation
|
CVE-2021-1021
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196120
|
7.3 |
HIGH
Local
|
google
|
android
|
In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation …
|
CWE-20
Improper Input Validation
|
CVE-2021-1020
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
