|
199701
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_os_evolved
|
A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does no…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2021-0297
|
2024-11-21 14:42 |
2021-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199702
|
7.4 |
HIGH
Network
|
juniper
|
ctpview
|
The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header which allows servers to indicate that content from the requested domain…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-0296
|
2024-11-21 14:42 |
2021-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199703
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of BluetoothPairingDialog, there is a possible way to enable Bluetooth without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0583
|
2024-11-21 14:42 |
2021-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199704
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User e…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0598
|
2024-11-21 14:42 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199705
|
7.8 |
HIGH
Local
|
google
|
android
|
In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with…
|
CWE-287
Improper Authentication
|
CVE-2021-0595
|
2024-11-21 14:42 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199706
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction …
|
NVD-CWE-noinfo
|
CVE-2021-0425
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199707
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interactio…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-0424
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199708
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User…
|
CWE-665
Improper Initialization
|
CVE-2021-0423
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199709
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interactio…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-0422
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199710
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. …
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-0421
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
