|
200531
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In isRealSnapshot of TaskThumbnailView.java, there is possible data exposure due to a missing permission check. This could lead to local information disclosure from locked profiles with no additional…
|
CWE-862
Missing Authorization
|
CVE-2021-0654
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200532
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no a…
|
NVD-CWE-Other
|
CVE-2021-0604
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200533
|
7.8 |
HIGH
Local
|
google
|
android
|
In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0603
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200534
|
7.8 |
HIGH
Local
|
google
|
android
|
In onCreateOptionsMenu of WifiNetworkDetailsFragment.java, there is a possible way for guest users to view and modify Wi-Fi settings for all configured APs due to a permissions bypass. This could lea…
|
CWE-200
Information Exposure
|
CVE-2021-0602
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200535
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In encodeFrames of avc_enc_fuzzer.cpp, there is a possible out of bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. Us…
|
CWE-787
CWE-415
Out-of-bounds Write
Double Free
|
CVE-2021-0601
|
2024-11-21 14:43 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200536
|
7.4 |
HIGH
Network
|
cisco
|
dna_center
|
A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensiti…
|
CWE-295
Improper Certificate Validation
|
CVE-2021-1134
|
2024-11-21 14:43 |
2021-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200537
|
8.3 |
HIGH
Network
|
nvidia
|
geforce_experience
|
NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries to log in by using a browser, while, at the same time, any other web page is loaded…
|
NVD-CWE-noinfo
|
CVE-2021-1073
|
2024-11-21 14:43 |
2021-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200538
|
7.8 |
HIGH
Local
|
google
|
android
|
In handleAppLaunch of AppLaunchActivity.java, there is a possible arbitrary activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution pri…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2021-0608
|
2024-11-21 14:43 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200539
|
7.8 |
HIGH
Local
|
google
|
android
|
In iaxxx_calc_i2s_div of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check. This could lead to local escalation of privilege with no addit…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0607
|
2024-11-21 14:43 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200540
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a possible use after free due to incorrect refcounting. This could lead to local escalation of privilege with System execution privileges needed…
|
CWE-416
Use After Free
|
CVE-2021-0606
|
2024-11-21 14:43 |
2021-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
