|
202511
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges nee…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-0338
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202512
|
7.8 |
HIGH
Local
|
google
|
android
|
In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User i…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2021-0337
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202513
|
7.8 |
HIGH
Local
|
google
|
android
|
In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission che…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-0336
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202514
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In process of C2SoftHevcDec.cpp, there is a possible out of bounds write due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User…
|
CWE-416
Use After Free
|
CVE-2021-0335
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202515
|
7.8 |
HIGH
Local
|
google
|
android
|
In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-0334
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202516
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connectin…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0333
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202517
|
7.8 |
HIGH
Local
|
google
|
android
|
In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User inte…
|
CWE-416
Use After Free
|
CVE-2021-0332
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202518
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification acce…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0331
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202519
|
7.8 |
HIGH
Local
|
google
|
android
|
In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional executio…
|
CWE-416
Use After Free
|
CVE-2021-0330
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202520
|
7.8 |
HIGH
Local
|
google
|
android
|
In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth s…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-0329
|
2024-11-21 14:42 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
