|
197041
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In enforceDumpPermissionForPackage of ActivityManagerService.java, there is a possible way to determine if a package is installed due to side channel information disclosure. This could lead to local …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-0321
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197042
|
4.7 |
MEDIUM
Local
|
google
|
android
|
In is_device_locked and set_device_locked of keystore_keymaster_enforcement.h, there is a possible bypass of lockscreen requirements for keyguard bound keys due to a race condition. This could lead t…
|
CWE-362
Race Condition
|
CVE-2021-0320
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197043
|
7.8 |
HIGH
Local
|
google
|
android
|
In appendEventsToCacheLocked of SensorEventConnection.cpp, there is a possible out of bounds write due to a use-after-free. This could lead to local escalation of privilege with no additional executi…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2021-0318
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197044
|
7.8 |
HIGH
Local
|
google
|
android
|
In createOrUpdate of Permission.java and related code, there is possible permission escalation due to a logic error. This could lead to local escalation of privilege with no additional execution priv…
|
CWE-863
Incorrect Authorization
|
CVE-2021-0317
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197045
|
7.3 |
HIGH
Local
|
google
|
android
|
In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. Thi…
|
CWE-863
Incorrect Authorization
|
CVE-2021-0319
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197046
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0316
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197047
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the user to grant an app access to an account due to a tapjacking/overlay attack. This could lead to local …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0315
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197048
|
7.5 |
HIGH
Network
|
google
|
android
|
In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution …
|
CWE-20
Improper Input Validation
|
CVE-2021-0313
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197049
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In WAVSource::read of WAVExtractor.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges ne…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2021-0312
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197050
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In ElementaryStreamQueue::dequeueAccessUnitH264() of ESQueue.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no addit…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0311
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
