CVE-2021-0799
- EPSS 0.12%
- Veröffentlicht 15.12.2021 19:15:10
- Zuletzt bearbeitet 21.11.2024 05:43:11
In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: A...
- EPSS 1.6%
- Veröffentlicht 15.12.2021 19:15:10
- Zuletzt bearbeitet 21.11.2024 05:43:13
In Android TV , there is a possible silent pairing due to lack of rate limiting in the pairing flow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...
CVE-2021-0904
- EPSS 0.13%
- Veröffentlicht 15.12.2021 19:15:10
- Zuletzt bearbeitet 21.11.2024 05:43:14
In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938...
CVE-2021-0918
- EPSS 0.45%
- Veröffentlicht 15.12.2021 19:15:10
- Zuletzt bearbeitet 21.11.2024 05:43:14
In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed ...
- EPSS 0.11%
- Veröffentlicht 15.12.2021 19:15:10
- Zuletzt bearbeitet 21.11.2024 05:43:14
In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is ne...
CVE-2021-25513
- EPSS 0.11%
- Veröffentlicht 08.12.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:08
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.
CVE-2021-25514
- EPSS 0.24%
- Veröffentlicht 08.12.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:08
An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information.
CVE-2021-25515
- EPSS 0.1%
- Veröffentlicht 08.12.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:09
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.
CVE-2021-25516
- EPSS 0.3%
- Veröffentlicht 08.12.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:09
An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations.
CVE-2021-25517
- EPSS 0.12%
- Veröffentlicht 08.12.2021 15:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:09
An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution.