CVE-2021-1018
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:43:24
In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional ex...
CVE-2021-1019
- EPSS 0.12%
- Veröffentlicht 15.12.2021 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:43:24
In snoozeNotification of NotificationListenerService.java, there is a possible permission confusion due to a misleading user consent dialog. This could lead to local escalation of privilege with User execution privileges needed. User interaction is n...
CVE-2021-1020
- EPSS 0.12%
- Veröffentlicht 15.12.2021 19:15:13
- Zuletzt bearbeitet 21.11.2024 05:43:24
In snoozeNotification of NotificationListenerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed....
CVE-2021-0967
- EPSS 1.01%
- Veröffentlicht 15.12.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:43:19
In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitat...
CVE-2021-0968
- EPSS 0.65%
- Veröffentlicht 15.12.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:43:19
In osi_malloc and osi_calloc of allocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-0969
- EPSS 0.56%
- Veröffentlicht 15.12.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:43:19
In getTitle of AccessPoint.java, there is a possible unhandled exception due to a missing null check. This could lead to remote denial of service if a proximal Wi-Fi AP provides invalid information with no additional execution privileges needed. User...
CVE-2021-0970
- EPSS 0.2%
- Veröffentlicht 15.12.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:43:19
In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for e...
CVE-2021-0971
- EPSS 0.65%
- Veröffentlicht 15.12.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:43:19
In MPEG4Source::read of MPEG4Extractor.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploit...
- EPSS 0.13%
- Veröffentlicht 15.12.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:43:20
In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity. This could lead to local information disclosure with no additional execution privileges needed. User interact...
CVE-2021-0976
- EPSS 0.65%
- Veröffentlicht 15.12.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:43:20
In toBARK of floor0.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: Android...