Filtered by vendor Google
Subscribe
Total
12830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-39782 | 1 Google | 1 Android | 2022-04-05 | 4.6 MEDIUM | 7.8 HIGH |
| In Telephony, there is a possible unauthorized modification of the PLMN SIM file due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202760015 | |||||
| CVE-2021-39745 | 1 Google | 1 Android | 2022-04-05 | 2.1 LOW | 5.5 MEDIUM |
| In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-206127671 | |||||
| CVE-2021-39783 | 1 Google | 1 Android | 2022-04-05 | 4.6 MEDIUM | 7.8 HIGH |
| In rcsservice, there is a possible way to modify TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-197960597 | |||||
| CVE-2021-39744 | 1 Google | 1 Android | 2022-04-05 | 2.1 LOW | 5.5 MEDIUM |
| In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-192369136 | |||||
| CVE-2021-39784 | 1 Google | 1 Android | 2022-04-05 | 4.6 MEDIUM | 7.8 HIGH |
| In CellBroadcastReceiver, there is a possible path to enable specific cellular features due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-200163477 | |||||
| CVE-2021-39787 | 1 Google | 1 Android | 2022-04-05 | 9.3 HIGH | 7.8 HIGH |
| In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202506934 | |||||
| CVE-2021-39786 | 1 Google | 1 Android | 2022-04-05 | 4.6 MEDIUM | 6.7 MEDIUM |
| In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-192551247 | |||||
| CVE-2021-39741 | 1 Google | 1 Android | 2022-04-05 | 4.6 MEDIUM | 7.8 HIGH |
| In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719 | |||||
| CVE-2021-39739 | 1 Google | 1 Android | 2022-04-05 | 2.1 LOW | 3.3 LOW |
| In ArrayMap, there is a possible leak of the content of SMS messages due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-184525194 | |||||
| CVE-2021-39740 | 1 Google | 1 Android | 2022-04-05 | 2.1 LOW | 5.5 MEDIUM |
| In Messaging, there is a possible way to bypass attachment restrictions due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-209965112 | |||||
| CVE-2021-0675 | 2 Google, Mediatek | 57 Android, Mt6570, Mt6580 and 54 more | 2022-04-01 | 7.2 HIGH | 7.8 HIGH |
| In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064258. | |||||
| CVE-2021-0904 | 2 Google, Mediatek | 5 Android, Mt6771, Mt8183 and 2 more | 2022-04-01 | 7.2 HIGH | 6.7 MEDIUM |
| In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938. | |||||
| CVE-2022-0290 | 1 Google | 1 Chrome | 2022-04-01 | 6.8 MEDIUM | 9.6 CRITICAL |
| Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2022-0289 | 1 Google | 1 Chrome | 2022-03-31 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-39725 | 1 Google | 1 Android | 2022-03-23 | 4.6 MEDIUM | 6.7 MEDIUM |
| In gasket_free_coherent_memory_all of gasket_page_table.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-151454974References: N/A | |||||
| CVE-2021-39726 | 1 Google | 1 Android | 2022-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-181782896References: N/A | |||||
| CVE-2021-39729 | 1 Google | 1 Android | 2022-03-23 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-202006191References: N/A | |||||
| CVE-2021-39727 | 1 Google | 1 Android | 2022-03-23 | 1.9 LOW | 4.1 MEDIUM |
| In eicPresentationRetrieveEntryValue of acropora/app/identity/libeic/EicPresentation.c, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196388042References: N/A | |||||
| CVE-2021-39730 | 1 Google | 1 Android | 2022-03-23 | 2.1 LOW | 4.4 MEDIUM |
| In TBD of TBD, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-206472503References: N/A | |||||
| CVE-2021-39731 | 1 Google | 1 Android | 2022-03-23 | 4.6 MEDIUM | 6.7 MEDIUM |
| In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205036834References: N/A | |||||