Filtered by vendor Google
Subscriptions
Filtered by product Android
Subscriptions
Total
7929 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-0413 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In flv extractor, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561379; Issue ID: ALPS05561379. | ||||
| CVE-2021-0365 | 1 Google | 1 Android | 2024-08-03 | 6.7 Medium |
| In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05454782. | ||||
| CVE-2021-0460 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
| In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-156739245 | ||||
| CVE-2021-0400 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-177561690 | ||||
| CVE-2021-0386 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In onCreate of UsbConfirmActivity, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173421110 | ||||
| CVE-2021-0429 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-175074139 | ||||
| CVE-2021-0473 | 1 Google | 1 Android | 2024-08-03 | 8.8 High |
| In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179687208 | ||||
| CVE-2021-0416 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05336700. | ||||
| CVE-2021-0449 | 1 Google | 1 Android | 2024-08-03 | 4.4 Medium |
| In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117965 | ||||
| CVE-2021-0356 | 1 Google | 1 Android | 2024-08-03 | 6.7 Medium |
| In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05442014. | ||||
| CVE-2021-0432 | 1 Google | 1 Android | 2024-08-03 | 7.0 High |
| In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173552790 | ||||
| CVE-2021-0425 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6582 90 and 51 more | 2024-08-03 | 5.5 Medium |
| In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05400059. | ||||
| CVE-2021-0349 | 1 Google | 1 Android | 2024-08-03 | 6.7 Medium |
| In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS05362646. | ||||
| CVE-2021-0418 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In memory management driver, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05403499; Issue ID: ALPS05336706. | ||||
| CVE-2021-0409 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561359; Issue ID: ALPS05561359. | ||||
| CVE-2021-0388 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In onReceive of ImsPhoneCallTracker.java, there is a possible misattribution of data usage due to an incorrect broadcast handler. This could lead to local escalation of privilege resulting in attributing video call data to the wrong app, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-162741489 | ||||
| CVE-2021-0427 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In parseExclusiveStateAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174488848 | ||||
| CVE-2021-0398 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In bindServiceLocked of ActiveServices.java, there is a possible foreground service launch due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173516292 | ||||
| CVE-2021-0394 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-172655291 | ||||
| CVE-2021-0390 | 1 Google | 1 Android | 2024-08-03 | 7.8 High |
| In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174749461 | ||||