|
195541
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead t…
|
CWE-862
Missing Authorization
|
CVE-2021-1025
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195542
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy. This could lead to local escalation of privilege with System execution privileges nee…
|
NVD-CWE-Other
|
CVE-2021-1024
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195543
|
5.0 |
MEDIUM
Local
|
google
|
android
|
In onCreate of RequestIgnoreBatteryOptimizations.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This co…
|
CWE-200
Information Exposure
|
CVE-2021-1023
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195544
|
7.5 |
HIGH
Network
|
google
|
android
|
In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. This could lead to remote denial of service with no additional executio…
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-1022
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195545
|
7.3 |
HIGH
Local
|
google
|
android
|
In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalatio…
|
CWE-20
Improper Input Validation
|
CVE-2021-1021
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195546
|
7.3 |
HIGH
Local
|
google
|
android
|
In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation …
|
CWE-20
Improper Input Validation
|
CVE-2021-1020
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195547
|
7.3 |
HIGH
Local
|
google
|
android
|
In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. This could lead to local escalation of privilege with User…
|
NVD-CWE-Other
|
CVE-2021-1019
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195548
|
3.3 |
LOW
Local
|
google
|
android
|
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-1018
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195549
|
7.8 |
HIGH
Local
|
google
|
android
|
In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to disable bluetooth connection due to a missing permission check. This could lead to local escalation of …
|
CWE-862
Missing Authorization
|
CVE-2021-1017
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195550
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-1016
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
