|
197051
|
7.8 |
HIGH
Local
|
google
|
android
|
In LazyServiceRegistrar of LazyServiceRegistrar.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privi…
|
CWE-416
Use After Free
|
CVE-2021-0310
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197052
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In onCreate of grantCredentialsPermissionActivity, there is a confused deputy. This could lead to local information disclosure and account access with no additional execution privileges needed. User …
|
NVD-CWE-Other
|
CVE-2021-0309
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197053
|
6.8 |
MEDIUM
Physics
|
google
debian
|
android
debian_linux
|
In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges nee…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0308
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197054
|
7.8 |
HIGH
Local
|
google
|
android
|
In updatePermissionSourcePackage of PermissionManagerService.java, there is a possible automatic runtime permission grant due to a confused deputy. This could lead to local escalation of privilege al…
|
NVD-CWE-Other
|
CVE-2021-0307
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197055
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In several functions of GlobalScreenshot.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of the user's contacts with User e…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-0304
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197056
|
7.8 |
HIGH
Local
|
google
|
android
|
In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITY_RECOGNI…
|
CWE-269
Improper Privilege Management
|
CVE-2021-0306
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197057
|
7.0 |
HIGH
Local
|
google
|
android
|
In dispatchGraphTerminationMessage() of packages/services/Car/computepipe/runner/graph/StreamSetObserver.cpp, there is a possible use after free due to a race condition. This could lead to local esca…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2021-0303
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197058
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0301
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197059
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is …
|
CWE-416
Use After Free
|
CVE-2021-0342
|
2024-11-21 14:42 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197060
|
5.3 |
MEDIUM
Network
|
apple
|
macos
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs.
|
NVD-CWE-noinfo
|
CVE-2020-9846
|
2024-11-21 14:41 |
2023-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
