CVE-2021-0375
- EPSS 0.12%
- Veröffentlicht 10.03.2021 16:15:15
- Zuletzt bearbeitet 21.11.2024 05:42:36
In onPackageModified of VoiceInteractionManagerService.java, there is a possible change of default applications due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User in...
CVE-2021-0376
- EPSS 0.12%
- Veröffentlicht 10.03.2021 16:15:15
- Zuletzt bearbeitet 21.11.2024 05:42:36
In checkUriPermission and related functions of MediaProvider.java, there is a possible way to access external files due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User int...
CVE-2021-0377
- EPSS 0.12%
- Veröffentlicht 10.03.2021 16:15:15
- Zuletzt bearbeitet 21.11.2024 05:42:36
In DeltaPerformer::Write of delta_performer.cc, there is a possible use of untrusted input due to improper input validation. This could lead to a local bypass of defense in depth protections with no additional execution privileges needed. User intera...
CVE-2021-0378
- EPSS 0.76%
- Veröffentlicht 10.03.2021 16:15:15
- Zuletzt bearbeitet 21.11.2024 05:42:36
In getNbits of pvmp3_getbits.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Produ...
CVE-2021-0390
- EPSS 0.24%
- Veröffentlicht 10.03.2021 16:15:15
- Zuletzt bearbeitet 21.11.2024 05:42:37
In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no addit...
CVE-2021-0391
- EPSS 0.66%
- Veröffentlicht 10.03.2021 16:15:15
- Zuletzt bearbeitet 21.11.2024 05:42:38
In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges...
CVE-2021-0392
- EPSS 0.25%
- Veröffentlicht 10.03.2021 16:15:15
- Zuletzt bearbeitet 21.11.2024 05:42:38
In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2020-0025
- EPSS 0.13%
- Veröffentlicht 10.03.2021 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:52:46
In deletePackageVersionedInternal of PackageManagerService.java, there is a possible way to exit Screen Pinning due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interac...
CVE-2021-25344
- EPSS 0.12%
- Veröffentlicht 04.03.2021 22:15:14
- Zuletzt bearbeitet 21.11.2024 05:54:48
Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers to gain access to device's serial number without permission.
CVE-2021-25345
- EPSS 0.12%
- Veröffentlicht 04.03.2021 22:15:14
- Zuletzt bearbeitet 21.11.2024 05:54:48
Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.