Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7938 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25393 | 1 Google | 1 Android | 2024-08-03 | 6.6 Medium |
| Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data. | ||||
| CVE-2021-25431 | 2 Google, Samsung | 2 Android, Cameralyzer | 2024-08-03 | 5.5 Medium |
| Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer. | ||||
| CVE-2021-25357 | 1 Google | 1 Android | 2024-08-03 | 5.6 Medium |
| A pendingIntent hijacking vulnerability in Create Movie prior to SMR APR-2021 Release 1 in Android O(8.x) and P(9.0), 3.4.81.1 in Android Q(10,0), and 3.6.80.7 in Android R(11.0) allows unprivileged applications to access contact information. | ||||
| CVE-2021-25356 | 1 Google | 1 Android | 2024-08-03 | 7.1 High |
| An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application. | ||||
| CVE-2021-25395 | 1 Google | 1 Android | 2024-08-03 | 6.4 Medium |
| A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised. | ||||
| CVE-2021-25470 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 7.9 High |
| An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. | ||||
| CVE-2021-25344 | 1 Google | 1 Android | 2024-08-03 | 6.2 Medium |
| Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers to gain access to device's serial number without permission. | ||||
| CVE-2021-25377 | 2 Google, Samsung | 2 Android, Experience Service | 2024-08-03 | 3.3 Low |
| Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action. | ||||
| CVE-2021-25350 | 2 Google, Samsung | 2 Android, Account | 2024-08-03 | 2 Low |
| Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. | ||||
| CVE-2021-25491 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 2.3 Low |
| A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference. | ||||
| CVE-2021-25383 | 1 Google | 1 Android | 2024-08-03 | 9 Critical |
| An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25409 | 1 Google | 1 Android | 2024-08-03 | 2.4 Low |
| Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device. | ||||
| CVE-2021-25501 | 1 Google | 1 Android | 2024-08-03 | 5.7 Medium |
| An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers. | ||||
| CVE-2021-25397 | 1 Google | 1 Android | 2024-08-03 | 6.8 Medium |
| An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process via untrusted applications. | ||||
| CVE-2021-25365 | 1 Google | 1 Android | 2024-08-03 | 5.9 Medium |
| An improper exception control in softsimd prior to SMR APR-2021 Release 1 allows unprivileged applications to access the API in softsimd. | ||||
| CVE-2021-25407 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-08-03 | 7.8 High |
| A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | ||||
| CVE-2021-25374 | 2 Google, Samsung | 2 Android, Members | 2024-08-03 | 8.6 High |
| An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | ||||
| CVE-2021-25474 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
| Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset. | ||||
| CVE-2021-25388 | 1 Google | 1 Android | 2024-08-03 | 7.1 High |
| Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app. | ||||
| CVE-2021-25427 | 1 Google | 1 Android | 2024-08-03 | 6.5 Medium |
| SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information | ||||