CVE-2021-1026
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:25
In startRanging of RttServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execut...
CVE-2021-1027
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:25
In setTransactionState of SurfaceFlinger, there is possible arbitrary code execution in a privileged process due to improper casting. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
CVE-2021-1028
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:25
In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploi...
CVE-2021-1029
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:25
In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploi...
CVE-2021-1030
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:25
In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information dis...
CVE-2021-1031
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:25
In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information discl...
CVE-2021-1032
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:26
In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional...
CVE-2021-1034
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:26
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check. This could lead to localinformation disclosure with no additional ...
CVE-2021-1038
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:26
In UserDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2021-1039
- EPSS 0.13%
- Veröffentlicht 15.12.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:43:26
In NotificationAccessActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploita...