Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7938 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25387 | 1 Google | 1 Android | 2024-08-03 | 9 Critical |
| An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25455 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to access arbitrary address through pointer via forged avi file. | ||||
| CVE-2021-25330 | 1 Google | 1 Android | 2024-08-03 | 7.5 High |
| Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider. | ||||
| CVE-2021-25361 | 1 Google | 1 Android | 2024-08-03 | 7.9 High |
| An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications. | ||||
| CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-08-03 | 7.8 High |
| A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25439 | 2 Google, Samsung | 2 Android, Members | 2024-08-03 | 3.3 Low |
| Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview. | ||||
| CVE-2021-25359 | 1 Google | 1 Android | 2024-08-03 | 4 Medium |
| An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications. | ||||
| CVE-2021-25389 | 1 Google | 1 Android | 2024-08-03 | 2.3 Low |
| Improper running task check in S Secure prior to SMR MAY-2021 Release 1 allows attackers to use locked app without authentication. | ||||
| CVE-2021-25384 | 1 Google | 1 Android | 2024-08-03 | 9 Critical |
| An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | ||||
| CVE-2021-25336 | 1 Google | 1 Android | 2024-08-03 | 2.8 Low |
| Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent. | ||||
| CVE-2021-25426 | 1 Google | 1 Android | 2024-08-03 | 7.5 High |
| Improper component protection vulnerability in SmsViewerActivity of Samsung Message prior to SMR July-2021 Release 1 allows untrusted applications to access Message files. | ||||
| CVE-2021-25351 | 2 Google, Samsung | 2 Android, Account | 2024-08-03 | 3.2 Low |
| Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password. | ||||
| CVE-2021-25372 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-08-03 | 6.1 Medium |
| An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. | ||||
| CVE-2021-25363 | 1 Google | 1 Android | 2024-08-03 | 6.8 Medium |
| An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files. | ||||
| CVE-2021-25343 | 2 Google, Samsung | 2 Android, Members | 2024-08-03 | 4 Medium |
| Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider. | ||||
| CVE-2021-25349 | 2 Google, Samsung | 2 Android, Slow Motion Editor | 2024-08-03 | 5.5 Medium |
| Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent. | ||||
| CVE-2021-25337 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
| Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files. | ||||
| CVE-2021-25342 | 2 Google, Samsung | 2 Android, Members | 2024-08-03 | 4 Medium |
| Calling of non-existent provider in SMP sdk prior to version 3.0.9 allows unauthorized actions including denial of service attack by hijacking the provider. | ||||
| CVE-2021-25371 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-08-03 | 6.1 Medium |
| A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | ||||
| CVE-2021-25339 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2024-08-03 | 4.4 Medium |
| Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory. | ||||