VYPR

Android SDK

by Google

CVEs (1,657)

  • CVE-2021-39809HigApr 12, 2022
    risk 0.49cvss 7.5epss 0.01

    In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39762HigMar 30, 2022
    risk 0.49cvss 7.5epss 0.01

    In tremolo, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID:…

  • CVE-2021-39677HigFeb 11, 2022
    risk 0.49cvss 7.5epss 0.00

    In startVideoStream() there is a possibility of an OOB Read in the heap, when the camera buffer is ‘zero’ in size.Product: AndroidVersions: Android-11Android ID: A-205097028

  • CVE-2021-1022HigDec 15, 2021
    risk 0.49cvss 7.5epss 0.01

    In btif_in_hf_client_generic_evt of btif_hf_client.cc, there is a possible Bluetooth service crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0555HigJun 22, 2021
    risk 0.49cvss 7.5epss 0.01

    In RenderStruct of protostream_objectsource.cc, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0466HigJun 11, 2021
    risk 0.49cvss 7.5epss 0.01

    In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to track a device. This could lead to remote information disclosure to a proximal attacker, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-0435HigApr 13, 2021
    risk 0.49cvss 7.5epss 0.02

    In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0431HigApr 13, 2021
    risk 0.49cvss 7.5epss 0.02

    In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0326HigFeb 10, 2021
    risk 0.49cvss 7.5epss 0.05

    In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not…

  • CVE-2021-0313HigJan 11, 2021
    risk 0.49cvss 7.5epss 0.02

    In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2020-27024HigDec 15, 2020
    risk 0.49cvss 7.5epss 0.01

    In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure triggered by a malformed Bluetooth packet, with no additional execution privileges needed. User interaction is…

  • CVE-2020-0463HigDec 14, 2020
    risk 0.49cvss 7.5epss 0.01

    In sdp_server_handle_client_req of sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from the bluetooth server with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0460HigDec 14, 2020
    risk 0.49cvss 7.5epss 0.01

    In createNameCredentialDialog of CertInstaller.java, there exists the possibility of improperly installed certificates due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0441HigNov 10, 2020
    risk 0.49cvss 7.5epss 0.01

    In Message and toBundle of Notification.java, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service requiring a device reset to fix with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0377HigOct 14, 2020
    risk 0.49cvss 7.5epss 0.02

    In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0381HigSep 17, 2020
    risk 0.49cvss 7.5epss 0.01

    In Parse_wave of eas_mdls.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure in a highly constrained process with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0251HigAug 11, 2020
    risk 0.49cvss 7.5epss 0.00

    There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647626

  • CVE-2020-0198HigJun 11, 2020
    risk 0.49cvss 7.5epss 0.04

    In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0142HigJun 11, 2020
    risk 0.49cvss 7.5epss 0.01

    In rw_i93_sm_format of rw_i93.c, there is a possible information disclosure due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0140HigJun 11, 2020
    risk 0.49cvss 7.5epss 0.01

    In rw_i93_sm_detect_ndef of rw_i93.c, there is a possible information disclosure due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

Page 35 of 83