Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7938 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-1046 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
| In lwis_dpm_update_clock of lwis_device_dpm.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195609074References: N/A | ||||
| CVE-2021-1030 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-194697001 | ||||
| CVE-2021-1034 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check. This could lead to localinformation disclosure with no additional execution privileges needed. Userinteraction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-193441322 | ||||
| CVE-2021-0945 | 1 Google | 1 Android | 2024-08-03 | 9.8 Critical |
| In _PMRCreate of the PowerVR kernel driver, a missing bounds check means it is possible to overwrite heap memory via PhysmemNewRamBackedPMR. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2021-1019 | 1 Google | 1 Android | 2024-08-03 | 7.3 High |
| In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-195031401 | ||||
| CVE-2021-1037 | 1 Google | 1 Android | 2024-08-03 | 5.3 Medium |
| The broadcast that DevicePickerFragment sends when a new device is paired doesn't have any permission checks, so any app can register to listen for it. This lets apps keep track of what devices are paired without requesting BLUETOOTH permissions.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-162951906 | ||||
| CVE-2021-1041 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In (TBD) of (TBD), there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182950799References: N/A | ||||
| CVE-2021-1068 | 2 Google, Nvidia | 2 Android, Shield Experience | 2024-08-03 | 7.8 High |
| NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVDEC component, in which an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges. | ||||
| CVE-2021-1035 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-12Android ID: A-195668284 | ||||
| CVE-2021-1047 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
| In valid_ipc_dram_addr of cm_access_control.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-197966306References: N/A | ||||
| CVE-2021-1069 | 2 Google, Nvidia | 9 Android, Jetson Agx Xavier, Jetson Nano and 6 more | 2024-08-03 | 6.1 Medium |
| NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss. | ||||
| CVE-2021-0996 | 1 Google | 1 Android | 2024-08-03 | 4.5 Medium |
| In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over NFC with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-181346545 | ||||
| CVE-2021-0993 | 1 Google | 1 Android | 2024-08-03 | 6.5 Medium |
| In getOffsetBeforeAfter of TextLine.java, there is a possible denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-193849901 | ||||
| CVE-2021-1002 | 1 Google | 1 Android | 2024-08-03 | 7.5 High |
| In WT_Interpolate of eas_wtengine.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-194533433 | ||||
| CVE-2021-1033 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185247656 | ||||
| CVE-2021-1025 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-193800652 | ||||
| CVE-2021-1010 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In getSigningKeySet of PackageManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-189857801 | ||||
| CVE-2021-1038 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-183411279 | ||||
| CVE-2021-1032 | 1 Google | 1 Android | 2024-08-03 | 3.3 Low |
| In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-184745603 | ||||
| CVE-2021-1001 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-190435883 | ||||