U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 2,592 matching records.
Displaying matches 1,781 through 1,800.
Vuln ID Summary CVSS Severity
CVE-2021-0329

In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-171400004

Published: February 10, 2021; 12:15:19 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-0328

In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172670415

Published: February 10, 2021; 12:15:19 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-0327

In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-172935267

Published: February 10, 2021; 12:15:19 PM -0500 		V4.0:(not available)
 V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-0326

In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525

Published: February 10, 2021; 12:15:19 PM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 7.9 HIGH
CVE-2021-0325

In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-174238784

Published: February 10, 2021; 12:15:18 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2020-11836

OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 versions have an information leak vulnerability. The “adb shell getprop ro.vendor.aee.enforcing” or “adb shell getprop ro.vendor.aee.enforcing” return no.

Published: February 05, 2021; 7:15:12 PM -0500 		V4.0:(not available)
 V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-0351

In wlan driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05412917.

Published: February 04, 2021; 2:15:13 PM -0500 		V4.0:(not available)
 V3.1: 7.5 HIGH
V2.0: 7.8 HIGH
CVE-2021-0350

In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05342338.

Published: February 04, 2021; 2:15:13 PM -0500 		V4.0:(not available)
 V3.1: 4.4 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2021-0349

In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS05362646.

Published: February 04, 2021; 2:15:13 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-0348

In vpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS05349201.

Published: February 04, 2021; 2:15:13 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-0347

In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05377188.

Published: February 04, 2021; 2:15:13 PM -0500 		V4.0:(not available)
 V3.1: 4.4 MEDIUM
V2.0: 2.1 LOW
CVE-2021-0346

In vpu, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05371580.

Published: February 04, 2021; 2:15:13 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-0345

In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05432974.

Published: February 04, 2021; 2:15:13 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-0344

In mtkpower, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05437558.

Published: February 04, 2021; 2:15:13 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-0343

In kisd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05449962.

Published: February 04, 2021; 2:15:13 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-0365

In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05454782.

Published: February 02, 2021; 7:15:17 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2021-0364

In mobile_log_d, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05458478; Issue ID: ALPS05458503.

Published: February 02, 2021; 7:15:16 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2021-0363

In mobile_log_d, there is a possible command injection due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05458478.

Published: February 02, 2021; 7:15:16 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2021-0362

In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457070.

Published: February 02, 2021; 7:15:16 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2021-0361

In kisd, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05449968.

Published: February 02, 2021; 7:15:16 PM -0500 		V4.0:(not available)
 V3.1: 6.7 MEDIUM
V2.0: 4.6 MEDIUM