Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
8700 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-39643 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195573629References: N/A | ||||
| CVE-2021-39642 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| In synchronous_process_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195731663References: N/A | ||||
| CVE-2021-39641 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Product: AndroidVersions: Android kernelAndroid ID: A-126949257References: N/A | ||||
| CVE-2021-39640 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In __dwc3_gadget_ep0_queue of ep0.c, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157294279References: N/A | ||||
| CVE-2021-39639 | 1 Google | 1 Android | 2024-11-21 | 6.8 Medium |
| In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check. This could lead to local escalation of privilege with physical access to device internals with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-198291476References: N/A | ||||
| CVE-2021-39638 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195607566References: N/A | ||||
| CVE-2021-39637 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In CreateDeviceInfo of trusty_remote_provisioning_context.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-193579873References: N/A | ||||
| CVE-2021-39636 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel | ||||
| CVE-2021-39635 | 1 Google | 1 Android | 2024-11-21 | 9.1 Critical |
| ims_ex is a vendor system service used to manage VoLTE in unisoc devices,But it does not verify the caller's permissions,so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634 | ||||
| CVE-2021-39634 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel | ||||
| CVE-2021-39633 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150694665References: Upstream kernel | ||||
| CVE-2021-39632 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In inotify_cb of events.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-202159709 | ||||
| CVE-2021-39631 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In clear_data_dlg_text of strings.xml, there is a possible situation when "Clear storage" functionality sets up the wrong security/privacy expectations due to a misleading message. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-193890833 | ||||
| CVE-2021-39630 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated overlays from adb shell due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-202768292 | ||||
| CVE-2021-39629 | 1 Google | 1 Android | 2024-11-21 | 7.0 High |
| In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-197353344 | ||||
| CVE-2021-39628 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| In StatusBar.java, there is a possible disclosure of notification content on the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-189575031 | ||||
| CVE-2021-39627 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126549 | ||||
| CVE-2021-39626 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194695497 | ||||
| CVE-2021-39625 | 1 Google | 1 Android | 2024-11-21 | 7.3 High |
| In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194695347 | ||||
| CVE-2021-39624 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In PackageManager, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-67862680 | ||||