|
195841
|
7.8 |
HIGH
Local
|
google
|
android
|
In updatePermissionSourcePackage of PermissionManagerService.java, there is a possible automatic runtime permission grant due to a confused deputy. This could lead to local escalation of privilege al…
|
NVD-CWE-Other
|
CVE-2021-0307
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195842
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In several functions of GlobalScreenshot.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of the user's contacts with User e…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-0304
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195843
|
7.8 |
HIGH
Local
|
google
|
android
|
In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITY_RECOGNI…
|
CWE-269
Improper Privilege Management
|
CVE-2021-0306
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195844
|
7.0 |
HIGH
Local
|
google
|
android
|
In dispatchGraphTerminationMessage() of packages/services/Car/computepipe/runner/graph/StreamSetObserver.cpp, there is a possible use after free due to a race condition. This could lead to local esca…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2021-0303
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195845
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0301
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195846
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is …
|
CWE-416
Use After Free
|
CVE-2021-0342
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195847
|
5.3 |
MEDIUM
Network
|
apple
|
macos
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs.
|
NVD-CWE-noinfo
|
CVE-2020-9846
|
2024-11-21 14:41 |
2023-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195848
|
5.3 |
MEDIUM
Network
|
navercorp
|
whale
|
NAVER Whale browser mobile app before 1.10.6.2 allows the attacker to bypass its browser unlock function via incognito mode.
|
NVD-CWE-noinfo
|
CVE-2020-9754
|
2024-11-21 14:41 |
2022-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195849
|
6.6 |
MEDIUM
Physics
|
netapp
intel
|
cloud_backup
fas\/aff_bios
xeon_bronze_3206r_firmware
xeon_gold_5218r_firmware
xeon_gold_5220r_firmware
xeon_gold_6208u_firmware
xeon_gold_6226r_firmware
xeon_gold_6230r_firmware…
|
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
|
CWE-665
Improper Initialization
|
CVE-2021-0125
|
2024-11-21 14:41 |
2022-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195850
|
6.6 |
MEDIUM
Physics
|
netapp
intel
|
cloud_backup
fas\/aff_bios
xeon_bronze_3206r_firmware
xeon_gold_5218r_firmware
xeon_gold_5220r_firmware
xeon_gold_6208u_firmware
xeon_gold_6226r_firmware
xeon_gold_6230r_firmware…
|
Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.
|
NVD-CWE-Other
|
CVE-2021-0124
|
2024-11-21 14:41 |
2022-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
