Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
8700 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-30596 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-11-21 | 4.3 Medium |
| Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | ||||
| CVE-2021-30528 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-11-21 | 8.8 High |
| Use after free in WebAuthentication in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker who had compromised the renderer process of a user who had saved a credit card in their Google account to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2021-30521 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in Autofill in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. | ||||
| CVE-2021-30507 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-11-21 | 8.8 High |
| Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | ||||
| CVE-2021-30506 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-11-21 | 8.8 High |
| Incorrect security UI in Web App Installs in Google Chrome on Android prior to 90.0.4430.212 allowed an attacker who convinced a user to install a web application to inject scripts or HTML into a privileged page via a crafted HTML page. | ||||
| CVE-2021-30162 | 1 Google | 1 Android | 2024-11-21 | 7.1 High |
| An issue was discovered on LG mobile devices with Android OS 4.4 through 11 software. Attackers can leverage ISMS services to bypass access control on specific content providers. The LG ID is LVE-SMP-210003 (April 2021). | ||||
| CVE-2021-30161 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| An issue was discovered on LG mobile devices with Android OS 11 software. Attackers can bypass the lockscreen protection mechanism after an incoming call has been terminated. The LG ID is LVE-SMP-210002 (April 2021). | ||||
| CVE-2021-29983 | 2 Google, Mozilla | 2 Android, Firefox | 2024-11-21 | 6.5 Medium |
| Firefox for Android could get stuck in fullscreen mode and not exit it even after normal interactions that should cause it to exit. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 91. | ||||
| CVE-2021-27901 | 1 Google | 1 Android | 2024-11-21 | 6.8 Medium |
| An issue was discovered on LG mobile devices with Android OS 11 software. They mishandle fingerprint recognition because local high beam mode (LHBM) does not function properly during bright illumination. The LG ID is LVE-SMP-210001 (March 2021). | ||||
| CVE-2021-26689 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The USB laf gadget has a use-after-free. The LG ID is LVE-SMP-200031 (February 2021). | ||||
| CVE-2021-26688 | 2 Google, Lg | 2 Android, Wing | 2024-11-21 | 9.8 Critical |
| An issue was discovered on LG Wing mobile devices with Android OS 10 software. The biometric sensor has weak security properties. The LG ID is LVE-SMP-200030 (February 2021). | ||||
| CVE-2021-26687 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In preloaded applications, the HostnameVerified default is mishandled. The LG ID is LVE-SMP-200029 (February 2021). | ||||
| CVE-2021-26439 | 2 Google, Microsoft | 2 Android, Edge | 2024-11-21 | 4.6 Medium |
| Microsoft Edge for Android Information Disclosure Vulnerability | ||||
| CVE-2021-25519 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission. | ||||
| CVE-2021-25518 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25517 | 1 Google | 1 Android | 2024-11-21 | 7.7 High |
| An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution. | ||||
| CVE-2021-25516 | 1 Google | 1 Android | 2024-11-21 | 6.4 Medium |
| An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations. | ||||
| CVE-2021-25515 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID. | ||||
| CVE-2021-25514 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information. | ||||
| CVE-2021-25513 | 1 Google | 1 Android | 2024-11-21 | 2.4 Low |
| An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen. | ||||