|
202441
|
7.3 |
HIGH
Local
|
google
|
android
|
In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalatio…
|
CWE-20
Improper Input Validation
|
CVE-2021-1021
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202442
|
7.3 |
HIGH
Local
|
google
|
android
|
In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation …
|
CWE-20
Improper Input Validation
|
CVE-2021-1020
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202443
|
7.3 |
HIGH
Local
|
google
|
android
|
In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. This could lead to local escalation of privilege with User…
|
NVD-CWE-Other
|
CVE-2021-1019
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202444
|
3.3 |
LOW
Local
|
google
|
android
|
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-1018
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202445
|
7.8 |
HIGH
Local
|
google
|
android
|
In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to disable bluetooth connection due to a missing permission check. This could lead to local escalation of …
|
CWE-862
Missing Authorization
|
CVE-2021-1017
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202446
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-1016
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202447
|
3.3 |
LOW
Local
|
google
|
android
|
In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could le…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-1015
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202448
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In getNetworkTypeForSubscriber of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-1014
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202449
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In checkExistsAndEnforceCannotModifyImmutablyRestrictedPermission of PermissionManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-1013
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202450
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In onResume of NotificationAccessDetails.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-1012
|
2024-11-21 14:43 |
2021-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
