|
195531
|
7.8 |
HIGH
Local
|
google
|
android
|
An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications.
|
NVD-CWE-Other
|
CVE-2021-25412
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195532
|
4.4 |
MEDIUM
Local
|
google
|
android
|
Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory.
|
CWE-20
Improper Input Validation
|
CVE-2021-25411
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195533
|
7.1 |
HIGH
Local
|
google
|
android
|
Improper access control of a component in CallBGProvider prior to SMR JUN-2021 Release 1 allows local attackers to access arbitrary files with an escalated privilege.
|
CWE-863
Incorrect Authorization
|
CVE-2021-25410
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195534
|
2.4 |
LOW
Physics
|
google
|
android
|
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.
|
CWE-862
Missing Authorization
|
CVE-2021-25409
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195535
|
7.8 |
HIGH
Local
|
google
|
android
|
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution.
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-25408
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195536
|
7.8 |
HIGH
Local
|
google
|
android
|
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-25407
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195537
|
6.5 |
MEDIUM
Adjacent
|
samsung
|
gear_s
|
Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows unstrusted applications to access connected BT device information.
|
CWE-863
Incorrect Authorization
|
CVE-2021-25406
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195538
|
5.5 |
MEDIUM
Local
|
samsung
|
notes
|
An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files.
|
NVD-CWE-Other
|
CVE-2021-25405
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195539
|
3.3 |
LOW
Local
|
samsung
|
smartthings_firmware
|
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2021-25404
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195540
|
3.3 |
LOW
Local
|
samsung
|
account
|
Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provid…
|
NVD-CWE-Other
|
CVE-2021-25403
|
2024-11-21 14:54 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
