Export limit exceeded: 352194 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81184 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-39808 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In createNotificationChannelGroup of PreferencesHelper.java, there is a possible way for a service to run in foreground without user notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-209966086 | ||||
| CVE-2021-39807 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In handleNfcStateChanged of SecureNfcEnabler.java, there is a possible way to enable NFC from the Guest account due to a missing permission check. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-209446496 | ||||
| CVE-2021-39806 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215387420 | ||||
| CVE-2021-39802 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In change_pte_range of mprotect.c , there is a possible way to make a shared mmap writable due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213339151References: Upstream kernel | ||||
| CVE-2021-39801 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In ion_ioctl of ion-ioctl.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-209791720References: Upstream kernel | ||||
| CVE-2021-39799 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In AttributionSource of AttributionSource.java, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-200288596 | ||||
| CVE-2021-39798 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Bitmap_createFromParcel of Bitmap.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213169612 | ||||
| CVE-2021-39797 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In several functions of of LauncherApps.java, there is a possible escalation of privilege due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-209607104 | ||||
| CVE-2021-39796 | 1 Google | 1 Android | 2024-11-21 | 7.3 High |
| In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-205595291 | ||||
| CVE-2021-39794 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In broadcastPortInfo of AdbService.java, there is a possible way for apps to run code as the shell user, if wireless debugging is enabled, due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-205836329 | ||||
| CVE-2021-39790 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-186405146 | ||||
| CVE-2021-39789 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Telecom, there is a possible leak of TTY mode change due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-203880906 | ||||
| CVE-2021-39787 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202506934 | ||||
| CVE-2021-39784 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In CellBroadcastReceiver, there is a possible path to enable specific cellular features due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-200163477 | ||||
| CVE-2021-39783 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In rcsservice, there is a possible way to modify TTY mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-197960597 | ||||
| CVE-2021-39782 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Telephony, there is a possible unauthorized modification of the PLMN SIM file due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-202760015 | ||||
| CVE-2021-39781 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In SmsController, there is a possible information disclosure due to a permissions bypass. This could lead to local escalation of privilege and sending sms with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-195311502 | ||||
| CVE-2021-39780 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Traceur, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-204992293 | ||||
| CVE-2021-39776 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In NFC, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-192614125 | ||||
| CVE-2021-39772 | 1 Google | 1 Android | 2024-11-21 | 8.8 High |
| In Bluetooth, there is a possible way to access the a2dp audio control switch due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-181962322 | ||||