|
195761
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not ne…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0402
|
2024-11-21 14:42 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195762
|
6.4 |
MEDIUM
Local
|
google
|
android
|
In vow, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploit…
|
CWE-362
Race Condition
|
CVE-2021-0401
|
2024-11-21 14:42 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195763
|
6.4 |
MEDIUM
Local
|
google
|
android
|
In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exp…
|
CWE-362
Race Condition
|
CVE-2021-0367
|
2024-11-21 14:42 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195764
|
6.4 |
MEDIUM
Local
|
google
|
android
|
In vpu, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exp…
|
CWE-362
Race Condition
|
CVE-2021-0366
|
2024-11-21 14:42 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195765
|
7.5 |
HIGH
Network
|
google
|
android
|
In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-0341
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195766
|
8.8 |
HIGH
Network
|
google
|
android
|
In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. This could lead to remote information disclosure with no additional…
|
CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
|
CVE-2021-0340
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195767
|
7.8 |
HIGH
Local
|
google
|
android
|
In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege …
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2021-0339
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195768
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges nee…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-0338
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195769
|
7.8 |
HIGH
Local
|
google
|
android
|
In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User i…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2021-0337
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195770
|
7.8 |
HIGH
Local
|
google
|
android
|
In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission che…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-0336
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
