Export limit exceeded: 80548 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80548 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25426 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Improper component protection vulnerability in SmsViewerActivity of Samsung Message prior to SMR July-2021 Release 1 allows untrusted applications to access Message files. | ||||
| CVE-2021-25424 | 1 Samsung | 18 Galaxy Watch, Galaxy Watch 3, Galaxy Watch 3 Firmware and 15 more | 2024-11-21 | 8.8 High |
| Improper authentication vulnerability in Tizen bluetooth-frwk prior to Firmware update JUN-2021 Release allows bluetooth attacker to take over the user's bluetooth device without user awareness. | ||||
| CVE-2021-25418 | 1 Samsung | 1 Internet | 2024-11-21 | 7.8 High |
| Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in specific condition. | ||||
| CVE-2021-25417 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage. | ||||
| CVE-2021-25414 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to copy or overwrite arbitrary files with Samsung Contacts privilege. | ||||
| CVE-2021-25412 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications. | ||||
| CVE-2021-25410 | 1 Google | 1 Android | 2024-11-21 | 7.1 High |
| Improper access control of a component in CallBGProvider prior to SMR JUN-2021 Release 1 allows local attackers to access arbitrary files with an escalated privilege. | ||||
| CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 7.8 High |
| A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2021-25407 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 7.8 High |
| A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | ||||
| CVE-2021-25401 | 1 Samsung | 1 Health | 2024-11-21 | 7.8 High |
| Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action. | ||||
| CVE-2021-25400 | 1 Samsung | 1 Internet | 2024-11-21 | 7.8 High |
| Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action. | ||||
| CVE-2021-25399 | 1 Samsung | 1 Smart Manager | 2024-11-21 | 7.1 High |
| Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege. | ||||
| CVE-2021-25388 | 1 Google | 1 Android | 2024-11-21 | 7.1 High |
| Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app. | ||||
| CVE-2021-25374 | 2 Google, Samsung | 2 Android, Members | 2024-11-21 | 8.6 High |
| An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2.4.83.9 in Android O(8.1) and below, and 3.9.00.9 in Android P(9.0) and above allows remote attackers to access a user data related with Samsung Account. | ||||
| CVE-2021-25361 | 1 Google | 1 Android | 2024-11-21 | 7.9 High |
| An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications. | ||||
| CVE-2021-25356 | 1 Google | 1 Android | 2024-11-21 | 7.1 High |
| An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application. | ||||
| CVE-2021-25346 | 1 Google | 1 Android | 2024-11-21 | 7.1 High |
| A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution. | ||||
| CVE-2021-25330 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Calling of non-existent provider in MobileWips application prior to SMR Feb-2021 Release 1 allows unauthorized actions including denial of service attack by hijacking the provider. | ||||
| CVE-2021-25328 | 1 Skyworthdigital | 2 Rn510, Rn510 Firmware | 2024-11-21 | 8.8 High |
| Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service (DoS) or possible code execution on the device. | ||||
| CVE-2021-25321 | 2 Opensuse, Suse | 6 Factory, Leap, Arpwatch and 3 more | 2024-11-21 | 7.8 High |
| A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15. SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15. SUSE OpenStack Cloud Crowbar 9 arpwatch versions prior to 2.1a15. openSUSE Factory arpwatch version 2.1a15-169.5 and prior versions. openSUSE Leap 15.2 arpwatch version 2.1a15-lp152.5.5 and prior versions. | ||||