Google

Android

7895 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2021-0476

  • EPSS 0.03%
  • Veröffentlicht 11.06.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:42:47

In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: A...

7.8

CVE-2021-0477

  • EPSS 0.01%
  • Veröffentlicht 11.06.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:42:47

In notifyScreenshotError of ScreenshotNotificationsController.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not ...

5.5

CVE-2021-0480

  • EPSS 0.07%
  • Veröffentlicht 11.06.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:42:47

In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploi...

9.3

CVE-2021-0481

  • EPSS 0.06%
  • Veröffentlicht 11.06.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:42:47

In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...

7

CVE-2021-0482

  • EPSS 0.02%
  • Veröffentlicht 11.06.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:42:47

In BinderDiedCallback of MediaCodec.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.P...

5.5

CVE-2021-0484

  • EPSS 0.03%
  • Veröffentlicht 11.06.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:42:48

In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for e...

7.8

CVE-2021-0485

  • EPSS 0.01%
  • Veröffentlicht 11.06.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:42:48

In getMinimalSize of PipBoundsAlgorithm.java, there is a possible bypass of restrictions on background processes due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User intera...

7.8

CVE-2021-0487

  • EPSS 0.01%
  • Veröffentlicht 11.06.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 05:42:48

In onCreate of CalendarDebugActivity.java, there is a possible way to export calendar data to the sdcard without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. ...

2.4

CVE-2021-25409

  • EPSS 0.02%
  • Veröffentlicht 11.06.2021 15:15:10
  • Zuletzt bearbeitet 21.11.2024 05:54:56

Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.

7.1

CVE-2021-25410

Exploit
  • EPSS 0.01%
  • Veröffentlicht 11.06.2021 15:15:10
  • Zuletzt bearbeitet 21.11.2024 05:54:56

Improper access control of a component in CallBGProvider prior to SMR JUN-2021 Release 1 allows local attackers to access arbitrary files with an escalated privilege.