|
202831
|
7.8 |
HIGH
Local
|
juniper
|
junos
|
A sensitive information disclosure vulnerability in delta-export configuration utility (dexp) of Juniper Networks Junos OS may allow a locally authenticated shell user the ability to create and read …
|
CWE-269
Improper Privilege Management
|
CVE-2021-0204
|
2024-11-21 14:42 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202832
|
8.6 |
HIGH
Network
|
juniper
|
junos
|
On Juniper Networks EX and QFX5K Series platforms configured with Redundant Trunk Group (RTG), Storm Control profile applied on the RTG interface might not take affect when it reaches the threshold c…
|
NVD-CWE-noinfo
|
CVE-2021-0203
|
2024-11-21 14:42 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202833
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPL…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2021-0202
|
2024-11-21 14:42 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202834
|
5.0 |
MEDIUM
Local
|
google
|
android
|
In onCreate of SlicePermissionActivity.java, there is a possible misleading string displayed due to improper input validation. This could lead to local information disclosure with User execution priv…
|
CWE-20
Improper Input Validation
|
CVE-2021-0322
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202835
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In enforceDumpPermissionForPackage of ActivityManagerService.java, there is a possible way to determine if a package is installed due to side channel information disclosure. This could lead to local …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-0321
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202836
|
4.7 |
MEDIUM
Local
|
google
|
android
|
In is_device_locked and set_device_locked of keystore_keymaster_enforcement.h, there is a possible bypass of lockscreen requirements for keyguard bound keys due to a race condition. This could lead t…
|
CWE-362
Race Condition
|
CVE-2021-0320
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202837
|
7.8 |
HIGH
Local
|
google
|
android
|
In appendEventsToCacheLocked of SensorEventConnection.cpp, there is a possible out of bounds write due to a use-after-free. This could lead to local escalation of privilege with no additional executi…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2021-0318
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202838
|
7.8 |
HIGH
Local
|
google
|
android
|
In createOrUpdate of Permission.java and related code, there is possible permission escalation due to a logic error. This could lead to local escalation of privilege with no additional execution priv…
|
CWE-863
Incorrect Authorization
|
CVE-2021-0317
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202839
|
7.3 |
HIGH
Local
|
google
|
android
|
In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. Thi…
|
CWE-863
Incorrect Authorization
|
CVE-2021-0319
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202840
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0316
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
