VYPR

Android SDK

by Google

CVEs (1,763)

  • CVE-2021-0875Apr 19, 2023
    risk 0.00cvss epss 0.00

    In PVRSRVBridgeChangeSparseMem of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2021-0876Apr 19, 2023
    risk 0.00cvss epss 0.00

    In PVRSRVBridgePhysmemNewRamBackedLockedPMR of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed.…

  • CVE-2023-21089Apr 19, 2023
    risk 0.00cvss epss 0.00

    In startInstrumentation of ActivityManagerService.java, there is a possible way to keep the foreground service alive while the app is in the background. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…

  • CVE-2021-0873Apr 19, 2023
    risk 0.00cvss epss 0.00

    In PVRSRVBridgeRGXKickRS of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is…

  • CVE-2021-0872Apr 19, 2023
    risk 0.00cvss epss 0.00

    In PVRSRVBridgeRGXKickVRDM of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction…

  • CVE-2023-21084Apr 19, 2023
    risk 0.00cvss epss 0.00

    In buildPropFile of filesystem.go, there is a possible insecure hash due to an improperly used crypto. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21082Apr 19, 2023
    risk 0.00cvss epss 0.00

    In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not…

  • CVE-2021-0879Apr 19, 2023
    risk 0.00cvss epss 0.00

    In PVRSRVBridgeRGXTDMSubmitTransfer of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2023-21085Apr 19, 2023
    risk 0.00cvss epss 0.00

    In nci_snd_set_routing_cmd of nci_hmsgs.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-20967Apr 19, 2023
    risk 0.00cvss epss 0.00

    In avdt_scb_hdl_pkt_no_frag of avdt_scb_act.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21099Apr 19, 2023
    risk 0.00cvss epss 0.00

    In multiple methods of PackageInstallerSession.java, there is a possible way to start foreground services from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is…

  • CVE-2023-21091Apr 19, 2023
    risk 0.00cvss epss 0.00

    In canDisplayLocalUi of AppLocalePickerActivity.java, there is a possible way to change system app locales due to a missing permission check. This could lead to local denial of service across user boundaries with no additional execution privileges needed. User interaction is not…

  • CVE-2023-21100Apr 19, 2023
    risk 0.00cvss epss 0.00

    In inflate of inflate.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12…

  • CVE-2023-21081Apr 19, 2023
    risk 0.00cvss epss 0.00

    In multiple functions of PackageInstallerService.java and related files, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed.…

  • CVE-2021-0878Apr 19, 2023
    risk 0.00cvss epss 0.00

    In PVRSRVBridgeServerSyncGetStatus of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User…

  • CVE-2021-0880Apr 19, 2023
    risk 0.00cvss epss 0.00

    In PVRSRVBridgeRGXKickTA3D of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction…

  • CVE-2021-0884Apr 19, 2023
    risk 0.00cvss epss 0.00

    In PVRSRVBridgePhysmemImportSparseDmaBuf of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed.…

  • CVE-2023-21080Apr 19, 2023
    risk 0.00cvss epss 0.00

    In register_notification_rsp of btif_rc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2023-21087Apr 19, 2023
    risk 0.00cvss epss 0.00

    In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2023-21098Apr 19, 2023
    risk 0.00cvss epss 0.00

    In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…

Page 16 of 89