Filtered by vendor Google
Subscribe
Total
12830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-0443 | 1 Google | 1 Android | 2021-04-16 | 1.9 LOW | 4.7 MEDIUM |
| In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. This could lead to local information disclosure across user profiles with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-170474245 | |||||
| CVE-2021-30162 | 1 Google | 1 Android | 2021-04-13 | 3.6 LOW | 7.1 HIGH |
| An issue was discovered on LG mobile devices with Android OS 4.4 through 11 software. Attackers can leverage ISMS services to bypass access control on specific content providers. The LG ID is LVE-SMP-210003 (April 2021). | |||||
| CVE-2021-30161 | 1 Google | 1 Android | 2021-04-12 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on LG mobile devices with Android OS 11 software. Attackers can bypass the lockscreen protection mechanism after an incoming call has been terminated. The LG ID is LVE-SMP-210002 (April 2021). | |||||
| CVE-2021-22538 | 1 Google | 1 Exposure Notifications Verification Server | 2021-04-06 | 6.5 MEDIUM | 8.8 HIGH |
| A privilege escalation vulnerability impacting the Google Exposure Notification Verification Server (versions prior to 0.23.1), allows an attacker who (1) has UserWrite permissions and (2) is using a carefully crafted request or malicious proxy, to create another user with higher privileges than their own. This occurs due to insufficient checks on the allowed set of permissions. The new user creation event would be captured in the Event Log. | |||||
| CVE-2021-25350 | 2 Google, Samsung | 2 Android, Account | 2021-03-30 | 2.1 LOW | 3.9 LOW |
| Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user information via log. | |||||
| CVE-2021-25346 | 1 Google | 1 Android | 2021-03-26 | 7.5 HIGH | 9.8 CRITICAL |
| A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution. | |||||
| CVE-2021-0464 | 1 Google | 1 Android | 2021-03-17 | 4.6 MEDIUM | 7.8 HIGH |
| In sound_trigger_event_alloc of platform.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-167663878 | |||||
| CVE-2021-0465 | 1 Google | 1 Android | 2021-03-17 | 4.6 MEDIUM | 7.8 HIGH |
| In GenerateFaceMask of face.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-172005755 | |||||
| CVE-2021-0458 | 1 Google | 1 Android | 2021-03-16 | 2.1 LOW | 4.4 MEDIUM |
| In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157156744 | |||||
| CVE-2021-0463 | 1 Google | 1 Android | 2021-03-16 | 1.9 LOW | 5.5 MEDIUM |
| In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data from ReturnFrameworkMessage. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154867068 | |||||
| CVE-2021-0397 | 1 Google | 1 Android | 2021-03-15 | 7.5 HIGH | 9.8 CRITICAL |
| In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148 | |||||
| CVE-2021-0396 | 1 Google | 1 Android | 2021-03-15 | 7.5 HIGH | 9.8 CRITICAL |
| In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-160610106 | |||||
| CVE-2021-0398 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 7.8 HIGH |
| In bindServiceLocked of ActiveServices.java, there is a possible foreground service launch due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173516292 | |||||
| CVE-2021-0399 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 7.8 HIGH |
| In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176919394References: Upstream kernel | |||||
| CVE-2021-0371 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-164440989 | |||||
| CVE-2021-21118 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-15 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2021-21139 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2021-03-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||||
| CVE-2021-0368 | 1 Google | 1 Android | 2021-03-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| In oggpack_look of bitwise.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-169829774 | |||||
| CVE-2021-0370 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In Write of NxpMfcReader.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-169259605 | |||||
| CVE-2021-0456 | 1 Google | 1 Android | 2021-03-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174769927 | |||||