|
194771
|
4.4 |
MEDIUM
Local
|
google
|
android
|
Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2021-25474
|
2024-11-21 14:55 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194772
|
4.4 |
MEDIUM
Local
|
google
|
android
|
Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_hide_by_meadia_full value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent de…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2021-25473
|
2024-11-21 14:55 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194773
|
3.3 |
LOW
Local
|
google
|
android
|
An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information.
|
NVD-CWE-Other
|
CVE-2021-25472
|
2024-11-21 14:55 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194774
|
7.5 |
HIGH
Network
|
google
|
android
|
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion.
|
NVD-CWE-noinfo
|
CVE-2021-25471
|
2024-11-21 14:55 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194775
|
7.9 |
HIGH
Local
|
google
|
android
|
An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE.
|
NVD-CWE-Other
|
CVE-2021-25470
|
2024-11-21 14:55 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194776
|
6.7 |
MEDIUM
Local
|
google
|
android
|
A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-25469
|
2024-11-21 14:55 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194777
|
4.4 |
MEDIUM
Local
|
google
|
android
|
A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.
|
NVD-CWE-noinfo
|
CVE-2021-25468
|
2024-11-21 14:55 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194778
|
6.7 |
MEDIUM
Local
|
google
|
android
|
Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded l…
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-25467
|
2024-11-21 14:55 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194779
|
5.4 |
MEDIUM
Network
|
janeczku
|
calibre-web
|
In “Calibre-web” application, v0.6.0 to v0.6.12, are vulnerable to Stored XSS in “Metadata”. An attacker that has access to edit the metadata information, can inject JavaScript payload in the descrip…
|
CWE-79
Cross-site Scripting
|
CVE-2021-25964
|
2024-11-21 14:55 |
2021-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194780
|
6.1 |
MEDIUM
Network
|
shuup
|
shuup
|
In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cross-Site Scripting (XSS) that allows execution of arbitrary javascript code on a victim browser. This vulnerability exists due to…
|
CWE-79
Cross-site Scripting
|
CVE-2021-25963
|
2024-11-21 14:55 |
2021-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
