|
202521
|
7.8 |
HIGH
Local
|
google
|
android
|
In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to lo…
|
CWE-862
Missing Authorization
|
CVE-2021-0328
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202522
|
7.8 |
HIGH
Local
|
google
|
android
|
In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additio…
|
CWE-269
Improper Privilege Management
|
CVE-2021-0327
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202523
|
7.5 |
HIGH
Adjacent
|
google
fedoraproject
debian
|
android
fedora
debian_linux
|
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct sea…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0326
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202524
|
8.8 |
HIGH
Network
|
google
|
android
|
In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privilege…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0325
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202525
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of UninstallerActivity, there is a possible way to uninstall an all without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0314
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202526
|
7.8 |
HIGH
Local
|
google
|
android
|
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges n…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0305
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202527
|
7.8 |
HIGH
Local
|
google
|
android
|
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges n…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0302
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202528
|
7.5 |
HIGH
Network
|
google
|
android
|
In wlan driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not nee…
|
NVD-CWE-noinfo
|
CVE-2021-0351
|
2024-11-21 14:42 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202529
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for ex…
|
CWE-20
Improper Input Validation
|
CVE-2021-0350
|
2024-11-21 14:42 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202530
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not nee…
|
CWE-416
Use After Free
|
CVE-2021-0349
|
2024-11-21 14:42 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
