VYPR

Android SDK

by Google

CVEs (1,766)

  • CVE-2021-39755MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In DevicePolicyManager, there is a possible way to reveal the existence of an installed package without proper query permissions due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User…

  • CVE-2021-39754MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In ContextImpl, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed…

  • CVE-2021-39753MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In DomainVerificationService, there is a possible way to access app domain verification information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-39751MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In Settings, there is a possible way to read Bluetooth device names without proper permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-39748MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In InputMethodEditor, there is a possible way to access some files accessible to Settings due to an unsafe PendingIntent. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39747MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In Settings Provider, there is a possible way to list values of non-readable global settings due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39745MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is…

  • CVE-2021-39744MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In DevicePolicyManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is…

  • CVE-2021-39742MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39740MedMar 30, 2022
    risk 0.36cvss 5.5epss 0.00

    In Messaging, there is a possible way to bypass attachment restrictions due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39690MedMar 16, 2022
    risk 0.36cvss 5.5epss 0.00

    In setDisplayPadding of WallpaperManagerService.java, there is a possible way to cause a persistent DoS due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-39624MedMar 16, 2022
    risk 0.36cvss 5.5epss 0.00

    In PackageManager, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11…

  • CVE-2021-39666MedFeb 11, 2022
    risk 0.36cvss 5.5epss 0.00

    In extract of MediaMetricsItem.h, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0524MedFeb 11, 2022
    risk 0.36cvss 5.5epss 0.00

    In isServiceDistractionOptimized of CarPackageManagerService.java, there is a possible disclosure of installed packages due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is…

  • CVE-2021-39659MedJan 14, 2022
    risk 0.36cvss 5.5epss 0.00

    In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. In rare instances, this could lead to local denial of service with User execution privileges needed. User…

  • CVE-2021-39633MedJan 14, 2022
    risk 0.36cvss 5.5epss 0.00

    In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-1030MedDec 15, 2021
    risk 0.36cvss 5.5epss 0.00

    In setNotificationsShownFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional…

  • CVE-2021-1025MedDec 15, 2021
    risk 0.36cvss 5.5epss 0.00

    In hasNamedWallpaper of WallpaperManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.…

  • CVE-2021-1014MedDec 15, 2021
    risk 0.36cvss 5.5epss 0.00

    In getNetworkTypeForSubscriber of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution…

  • CVE-2021-1013MedDec 15, 2021
    risk 0.36cvss 5.5epss 0.00

    In checkExistsAndEnforceCannotModifyImmutablyRestrictedPermission of PermissionManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information…

Page 66 of 89