Export limit exceeded: 80116 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80116 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-0466 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to track a device. This could lead to remote information disclosure to a proximal attacker, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-154114734 | ||||
| CVE-2021-0465 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In GenerateFaceMask of face.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-172005755 | ||||
| CVE-2021-0464 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In sound_trigger_event_alloc of platform.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-167663878 | ||||
| CVE-2021-0446 | 1 Google | 1 Android | 2024-11-21 | 7.3 High |
| In ImportVCardActivity, there is a possible way to bypass user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-172252122 | ||||
| CVE-2021-0445 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In start of WelcomeActivity.java, there is a possible residual profile due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9Android ID: A-172322502 | ||||
| CVE-2021-0442 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In updateInfo of android_hardware_input_InputApplicationHandle.cpp, there is a possible control of code flow due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174768985 | ||||
| CVE-2021-0441 | 1 Google | 1 Android | 2024-11-21 | 7.3 High |
| In onCreate of PermissionActivity.java, there is a possible permission bypass due to Confusing UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174495520 | ||||
| CVE-2021-0439 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In setPowerModeWithHandle of com_android_server_power_PowerManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174243830 | ||||
| CVE-2021-0438 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-152064592 | ||||
| CVE-2021-0437 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176168330 | ||||
| CVE-2021-0435 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174150451 | ||||
| CVE-2021-0434 | 1 Google | 1 Android | 2024-11-21 | 7.3 High |
| In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-167403112 | ||||
| CVE-2021-0433 | 1 Google | 1 Android | 2024-11-21 | 8.0 High |
| In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege and pairing malicious devices with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171221090 | ||||
| CVE-2021-0432 | 1 Google | 1 Android | 2024-11-21 | 7.0 High |
| In ClearPullerCacheIfNecessary and ForceClearPullerCache of StatsPullerManager.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173552790 | ||||
| CVE-2021-0431 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174149901 | ||||
| CVE-2021-0429 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-175074139 | ||||
| CVE-2021-0427 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In parseExclusiveStateAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174488848 | ||||
| CVE-2021-0426 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In parsePrimaryFieldFirstUidAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174485572 | ||||
| CVE-2021-0399 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176919394References: Upstream kernel | ||||
| CVE-2021-0398 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In bindServiceLocked of ActiveServices.java, there is a possible foreground service launch due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173516292 | ||||