Google

Android

7931 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-0675

  • EPSS 0.02%
  • Veröffentlicht 15.12.2021 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:43:07

In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP...

5.5

CVE-2021-0704

  • EPSS 0.01%
  • Veröffentlicht 15.12.2021 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:43:10

In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information discl...

7.3

CVE-2021-0769

  • EPSS 0.02%
  • Veröffentlicht 15.12.2021 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:43:11

In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed...

7.8

CVE-2021-0799

  • EPSS 0.01%
  • Veröffentlicht 15.12.2021 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:43:11

In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: A...

10

CVE-2021-0889

  • EPSS 3.66%
  • Veröffentlicht 15.12.2021 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:43:13

In Android TV , there is a possible silent pairing due to lack of rate limiting in the pairing flow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...

7.2

CVE-2021-0904

  • EPSS 0.01%
  • Veröffentlicht 15.12.2021 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:43:14

In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938...

8.8

CVE-2021-0918

  • EPSS 0.16%
  • Veröffentlicht 15.12.2021 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:43:14

In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed ...

5

CVE-2021-0919

  • EPSS 0.04%
  • Veröffentlicht 15.12.2021 19:15:10
  • Zuletzt bearbeitet 21.11.2024 05:43:14

In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is ne...

2.4

CVE-2021-25513

  • EPSS 0.02%
  • Veröffentlicht 08.12.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 05:55:08

An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.

6.5

CVE-2021-25514

  • EPSS 0.07%
  • Veröffentlicht 08.12.2021 15:15:08
  • Zuletzt bearbeitet 21.11.2024 05:55:08

An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information.