Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7938 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25469 | 2 Google, Samsung | 2 Android, Exynos | 2024-08-03 | 6 Medium |
| A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | ||||
| CVE-2021-25392 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
| Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1 allows local attackers to get sensitive information via changing the path. | ||||
| CVE-2021-25338 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2024-08-03 | 4.4 Medium |
| Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region. | ||||
| CVE-2021-25396 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-08-03 | 6.7 Medium |
| An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25417 | 1 Google | 1 Android | 2024-08-03 | 7.5 High |
| Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage. | ||||
| CVE-2021-25373 | 2 Google, Samsung | 2 Android, Customization Service | 2024-08-03 | 5.5 Medium |
| Using unsafe PendingIntent in Customization Service prior to version 2.2.02.1 in Android O(8.x), 2.4.03.0 in Android P(9.0), 2.7.02.1 in Android Q(10.0) and 2.9.01.1 in Android R(11.0) allows local attackers to perform unauthorized action without permission via hijacking the PendingIntent. | ||||
| CVE-2021-25358 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
| A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows local attackers to access IMSI values without any permission via untrusted applications. | ||||
| CVE-2021-25360 | 1 Google | 1 Android | 2024-08-03 | 9 Critical |
| An improper input validation vulnerability in libswmfextractor library prior to SMR APR-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25454 | 1 Google | 1 Android | 2024-08-03 | 3.1 Low |
| OOB read vulnerability in libsaacextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute remote DoS via forged aac file. | ||||
| CVE-2021-25369 | 1 Google | 1 Android | 2024-08-03 | 6.2 Medium |
| An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace. | ||||
| CVE-2021-25443 | 1 Google | 1 Android | 2024-08-03 | 5.3 Medium |
| A use after free vulnerability in conn_gadget driver prior to SMR AUG-2021 Release 1 allows malicious action by an attacker. | ||||
| CVE-2021-25370 | 1 Google | 1 Android | 2024-08-03 | 6.1 Medium |
| An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. | ||||
| CVE-2021-25390 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
| Intent redirection vulnerability in PhotoTable prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action. | ||||
| CVE-2021-25428 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances. | ||||
| CVE-2021-25415 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2024-08-03 | 5.5 Medium |
| Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable. | ||||
| CVE-2021-25429 | 1 Google | 1 Android | 2024-08-03 | 4.3 Medium |
| Improper privilege management vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application. | ||||
| CVE-2021-25382 | 1 Google | 1 Android | 2024-08-03 | 6.1 Medium |
| An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contents in Secure Folder via debugging command. | ||||
| CVE-2021-25449 | 1 Google | 1 Android | 2024-08-03 | 6.5 Medium |
| An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process. | ||||
| CVE-2021-25403 | 2 Google, Samsung | 2 Android, Account | 2024-08-03 | 3.3 Low |
| Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component. | ||||
| CVE-2021-25347 | 1 Google | 1 Android | 2024-08-03 | 5.3 Medium |
| Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed. | ||||