|
195921
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interac…
|
CWE-125
Out-of-bounds Read
|
CVE-2021-0409
|
2024-11-21 14:42 |
2021-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195922
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple methods of AAudioService, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interact…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2021-0483
|
2024-11-21 14:42 |
2021-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195923
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing …
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2021-0299
|
2024-11-21 14:42 |
2021-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195924
|
4.7 |
MEDIUM
Local
|
juniper
|
junos_os_evolved
|
A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command…
|
CWE-362
Race Condition
|
CVE-2021-0298
|
2024-11-21 14:42 |
2021-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195925
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_os_evolved
|
A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does no…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2021-0297
|
2024-11-21 14:42 |
2021-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195926
|
7.4 |
HIGH
Network
|
juniper
|
ctpview
|
The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header which allows servers to indicate that content from the requested domain…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-0296
|
2024-11-21 14:42 |
2021-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195927
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of BluetoothPairingDialog, there is a possible way to enable Bluetooth without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0583
|
2024-11-21 14:42 |
2021-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195928
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User e…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0598
|
2024-11-21 14:42 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195929
|
7.8 |
HIGH
Local
|
google
|
android
|
In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with…
|
CWE-287
Improper Authentication
|
CVE-2021-0595
|
2024-11-21 14:42 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195930
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction …
|
NVD-CWE-noinfo
|
CVE-2021-0425
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
