|
203211
|
7.8 |
HIGH
Local
|
google
|
android
|
In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-0334
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203212
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connectin…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0333
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203213
|
7.8 |
HIGH
Local
|
google
|
android
|
In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User inte…
|
CWE-416
Use After Free
|
CVE-2021-0332
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203214
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification acce…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0331
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203215
|
7.8 |
HIGH
Local
|
google
|
android
|
In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional executio…
|
CWE-416
Use After Free
|
CVE-2021-0330
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203216
|
7.8 |
HIGH
Local
|
google
|
android
|
In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth s…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0329
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203217
|
7.8 |
HIGH
Local
|
google
|
android
|
In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to lo…
|
CWE-862
Missing Authorization
|
CVE-2021-0328
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203218
|
7.8 |
HIGH
Local
|
google
|
android
|
In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additio…
|
CWE-269
Improper Privilege Management
|
CVE-2021-0327
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203219
|
7.5 |
HIGH
Adjacent
|
google
fedoraproject
debian
|
android
fedora
debian_linux
|
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct sea…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0326
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203220
|
8.8 |
HIGH
Network
|
google
|
android
|
In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privilege…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0325
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
