Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
8700 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-39666 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In extract of MediaMetricsItem.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-204445255 | ||||
| CVE-2021-39665 | 1 Google | 1 Android | 2024-11-21 | 6.5 Medium |
| In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-204077881 | ||||
| CVE-2021-39664 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In LoadedPackage::Load of LoadedArsc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure when parsing an APK file with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-203938029 | ||||
| CVE-2021-39663 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In openFileAndEnforcePathPermissionsHelper of MediaProvider.java, there is a possible bypass of a permissions check due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-200682135 | ||||
| CVE-2021-39662 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In checkUriPermission of MediaProvider.java , there is a possible way to gain access to the content of media provider collections due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-197302116 | ||||
| CVE-2021-39659 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. In rare instances, this could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-208267659 | ||||
| CVE-2021-39658 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| ismsEx service is a vendor service in unisoc equipment。ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks。Third-party apps can use this service to arbitrarily modify and set system properties。Product: AndroidVersions: Android SoCAndroid ID: A-207479207 | ||||
| CVE-2021-39657 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194696049References: Upstream kernel | ||||
| CVE-2021-39656 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174049066References: Upstream kernel | ||||
| CVE-2021-39655 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Product: AndroidVersions: Android kernelAndroid ID: A-192641593References: N/A | ||||
| CVE-2021-39653 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing warning to the user. This could lead to local escalation of privilege after preparing the device, hiding the warning, and passing the phone to a new user, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-193443223References: N/A | ||||
| CVE-2021-39652 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In sec_ts_parsing_cmds of (TBD), there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194499021References: N/A | ||||
| CVE-2021-39651 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In TBD of TBD, there is a possible way to access PIN protected settings bypassing PIN confirmation due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-193438173References: N/A | ||||
| CVE-2021-39650 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-169763055References: N/A | ||||
| CVE-2021-39649 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174049006References: N/A | ||||
| CVE-2021-39648 | 1 Google | 1 Android | 2024-11-21 | 4.1 Medium |
| In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-160822094References: Upstream kernel | ||||
| CVE-2021-39647 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a possible reinitialization of TEE due to improper locking. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-198713939References: N/A | ||||
| CVE-2021-39646 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Product: AndroidVersions: Android kernelAndroid ID: A-201537251References: N/A | ||||
| CVE-2021-39645 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Product: AndroidVersions: Android kernelAndroid ID: A-199805112References: N/A | ||||
| CVE-2021-39644 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Product: AndroidVersions: Android kernelAndroid ID: A-199809304References: N/A | ||||