CVE-2021-0932
- EPSS 0.12%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:16
In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent. This could lead to local escalation of privilege that allows actions performed as the System UI with User execution privileges n...
- EPSS 0.38%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:16
In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the use...
- EPSS 0.14%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:18
In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user's contacts with no additional execution privileges needed. User interaction is neede...
CVE-2021-0953
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:18
In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privile...
CVE-2021-0954
- EPSS 0.26%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:18
In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidV...
- EPSS 0.09%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:18
In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: ...
- EPSS 1.23%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:18
In NfcTag::discoverTechnologies (activation) of NfcTag.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additionalSystem execution privileges needed. User interac...
CVE-2021-0958
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:18
In update of km_compat.cpp, there is a possible loss of potentially sensitive data due to a logic error in the code. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Pro...
CVE-2021-0961
- EPSS 0.15%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:19
In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Prod...
CVE-2021-0963
- EPSS 0.2%
- Veröffentlicht 15.12.2021 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:43:19
In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User inter...