Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:google:android:10.0:-:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-25488 |
Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-25487 |
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2021-25486 |
Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 3.3 LOW V2.0: 2.1 LOW |
CVE-2021-25485 |
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 8.0 HIGH V2.0: 5.8 MEDIUM |
CVE-2021-25484 |
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 3.3 LOW V2.0: 2.1 LOW |
CVE-2021-25483 |
Lack of boundary checking of a buffer in livfivextractor library prior to SMR Oct-2021 Release 1 allows OOB read. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2021-25481 |
An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2021-25480 |
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2021-25479 |
A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM |
CVE-2021-25478 |
A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.2 HIGH V2.0: 6.5 MEDIUM |
CVE-2021-25477 |
An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 4.9 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2021-25476 |
An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. Published: October 06, 2021; 2:15:09 PM -0400 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2021-25475 |
A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. Published: October 06, 2021; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0: 7.2 HIGH |
CVE-2021-25474 |
Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset. Published: October 06, 2021; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2021-25472 |
An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information. Published: October 06, 2021; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 3.3 LOW V2.0: 2.1 LOW |
CVE-2021-25471 |
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion. Published: October 06, 2021; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2021-25470 |
An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. Published: October 06, 2021; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 7.9 HIGH V2.0: 3.6 LOW |
CVE-2021-25469 |
A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. Published: October 06, 2021; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2021-25468 |
A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address. Published: October 06, 2021; 2:15:08 PM -0400 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2021-0692 |
In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-179289753 Published: October 06, 2021; 11:15:15 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |