|
197711
|
7.8 |
HIGH
Local
|
samsung
|
customization_service
|
Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local a…
|
NVD-CWE-noinfo
|
CVE-2021-25373
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197712
|
7.8 |
HIGH
Local
|
google
|
android
|
An improper exception control in softsimd prior to SMR APR-2021 Release 1 allows unprivileged applications to access the API in softsimd.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2021-25365
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197713
|
3.3 |
LOW
Local
|
google
|
android
|
A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows unprivileged applications to access contact information.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2021-25364
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197714
|
6.1 |
MEDIUM
Local
|
google
|
android
|
An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files.
|
CWE-269
Improper Privilege Management
|
CVE-2021-25363
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197715
|
6.1 |
MEDIUM
Local
|
google
|
android
|
An improper permission management in CertInstaller prior to SMR APR-2021 Release 1 allows untrusted applications to delete certain local files.
|
CWE-269
Improper Privilege Management
|
CVE-2021-25362
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197716
|
8.8 |
HIGH
Local
|
google
|
android
|
An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications.
|
NVD-CWE-Other
|
CVE-2021-25361
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197717
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An improper input validation vulnerability in libswmfextractor library prior to SMR APR-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-25360
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197718
|
3.3 |
LOW
Local
|
google
|
android
|
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.
|
CWE-276
Incorrect Default Permissions
|
CVE-2021-25359
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197719
|
3.3 |
LOW
Local
|
google
|
android
|
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows local attackers to access IMSI values without any permission via untrusted applications.
|
CWE-276
Incorrect Default Permissions
|
CVE-2021-25358
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197720
|
5.5 |
MEDIUM
Local
|
google
|
android
|
A pendingIntent hijacking vulnerability in Create Movie prior to SMR APR-2021 Release 1 in Android O(8.x) and P(9.0), 3.4.81.1 in Android Q(10,0), and 3.6.80.7 in Android R(11.0) allows unprivileged …
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2021-25357
|
2024-11-21 14:54 |
2021-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
