Google

Android

8158 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.12%
  • Veröffentlicht 17.08.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 05:43:03

In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing obfuscation mechanism due to the way sensitive data is handled. This could lead to local information disclosure with no additional execution privileges needed. ...

  • EPSS 0.22%
  • Veröffentlicht 17.08.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 05:43:03

In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitat...

  • EPSS 0.11%
  • Veröffentlicht 17.08.2021 19:15:07
  • Zuletzt bearbeitet 25.02.2026 18:16:52

In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

  • EPSS 0.33%
  • Veröffentlicht 17.08.2021 19:15:07
  • Zuletzt bearbeitet 25.02.2026 18:16:53

In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges n...

  • EPSS 0.33%
  • Veröffentlicht 17.08.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 05:43:04

In shouldBlockFromTree of ExternalStorageProvider.java, there is a possible permissions bypass. This could lead to local escalation of privilege, allowing an app to read private app directories in external storage, which should be restricted in Andro...

  • EPSS 0.1%
  • Veröffentlicht 12.08.2021 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:17:36

An issue was discovered on LG mobile devices with Android OS P and Q software for mt6762/mt6765/mt6883. Attackers can change some of the NvRAM content by leveraging the misconfiguration of a debug command. The LG ID is LVE-SMP-210005 (August 2021).

  • EPSS 0.1%
  • Veröffentlicht 05.08.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:54:59

A use after free vulnerability in conn_gadget driver prior to SMR AUG-2021 Release 1 allows malicious action by an attacker.

  • EPSS 0.76%
  • Veröffentlicht 05.08.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:54:59

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.

  • EPSS 0.14%
  • Veröffentlicht 14.07.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 04:53:28

In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed ...

  • EPSS 0.12%
  • Veröffentlicht 14.07.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 05:42:43

In onCreate of PermissionActivity.java, there is a possible permission bypass due to Confusing UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: A...