) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CVSS Version: 3
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2021-0463 |
In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data from ReturnFrameworkMessage. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154867068 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 5.5 MEDIUM V2.0: 1.9 LOW |
| CVE-2021-0462 |
In the NXP NFC firmware, there is a possible insecure firmware update due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168799695 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
| CVE-2021-0461 |
In iaxxx_core_sensor_change_state of iaxxx-module.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175124074 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
| CVE-2021-0460 |
In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-156739245 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-0459 |
In fts_driver_test_write of fts_proc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157154534 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-0458 |
In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157156744 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-0457 |
In the FingerTipS touch screen driver, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157155375 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
| CVE-2021-0456 |
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174769927 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
| CVE-2021-0455 |
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175116439 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 6.7 MEDIUM V2.0: 7.2 HIGH |
| CVE-2021-0454 |
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117047 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 6.7 MEDIUM V2.0: 7.2 HIGH |
| CVE-2021-0453 |
In the Titan-M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117199 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-0452 |
In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117261 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-0451 |
In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117871 Published: March 10, 2021; 12:15:14 PM -0500 |
V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-0450 |
In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117880 Published: March 10, 2021; 12:15:13 PM -0500 |
V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-0449 |
In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-175117965 Published: March 10, 2021; 12:15:13 PM -0500 |
V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
| CVE-2021-0389 |
In setNightModeActivated of UiModeManagerService.java, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168039904 Published: March 10, 2021; 12:15:13 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2021-0388 |
In onReceive of ImsPhoneCallTracker.java, there is a possible misattribution of data usage due to an incorrect broadcast handler. This could lead to local escalation of privilege resulting in attributing video call data to the wrong app, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-162741489 Published: March 10, 2021; 12:15:13 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
| CVE-2021-0387 |
In FindQuotaDeviceForUuid of QuotaUtils.cpp, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-169421939 Published: March 10, 2021; 12:15:13 PM -0500 |
V3.1: 6.4 MEDIUM V2.0: 6.9 MEDIUM |
| CVE-2021-0386 |
In onCreate of UsbConfirmActivity, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173421110 Published: March 10, 2021; 12:15:13 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2021-0385 |
In createConnectToAvailableNetworkNotification of ConnectToNetworkNotificationBuilder.java, there is a possible connection to untrusted WiFi networks due to notification interaction above the lockscreen. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-172584372 Published: March 10, 2021; 12:15:13 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |