Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-26687 | 1 Google | 1 Android | 2024-08-03 | 9.8 Critical |
| An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In preloaded applications, the HostnameVerified default is mishandled. The LG ID is LVE-SMP-200029 (February 2021). | ||||
| CVE-2021-26277 | 2 Google, Vivo | 2 Android, Frame Service | 2024-08-03 | 5.6 Medium |
| The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions. | ||||
| CVE-2021-25514 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information. | ||||
| CVE-2021-25517 | 1 Google | 1 Android | 2024-08-03 | 7.7 High |
| An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution. | ||||
| CVE-2021-25515 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
| An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID. | ||||
| CVE-2021-25513 | 1 Google | 1 Android | 2024-08-03 | 2.4 Low |
| An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen. | ||||
| CVE-2021-25510 | 1 Google | 1 Android | 2024-08-03 | 5.3 Medium |
| An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution. | ||||
| CVE-2021-25516 | 1 Google | 1 Android | 2024-08-03 | 6.4 Medium |
| An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations. | ||||
| CVE-2021-25518 | 1 Google | 1 Android | 2024-08-03 | 6.4 Medium |
| An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25511 | 1 Google | 1 Android | 2024-08-03 | 6.3 Medium |
| An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability. | ||||
| CVE-2021-25519 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
| An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission. | ||||
| CVE-2021-25512 | 1 Google | 1 Android | 2024-08-03 | 6.1 Medium |
| An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2021-25503 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 5 Medium |
| Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution. | ||||
| CVE-2021-25480 | 2 Google, Qualcomm | 2 Android, Qualcomm | 2024-08-03 | 4.4 Medium |
| A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection. | ||||
| CVE-2021-25456 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file. | ||||
| CVE-2021-25386 | 1 Google | 1 Android | 2024-08-03 | 9 Critical |
| An improper input validation vulnerability in sdfffd_parse_chunk_FVER() in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25467 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-08-03 | 5.3 Medium |
| Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library. | ||||
| CVE-2021-25482 | 1 Google | 1 Android | 2024-08-03 | 5.9 Medium |
| SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information. | ||||
| CVE-2021-25481 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 6.4 Medium |
| An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory. | ||||
| CVE-2021-25485 | 1 Google | 1 Android | 2024-08-03 | 7.5 High |
| Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket. | ||||