VYPR

Android

by Google

CVEs (4,712)

  • CVE-2021-0518MedJul 14, 2021
    risk 0.36cvss 5.5epss 0.00

    In Wi-Fi, there is a possible leak of location-sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0552MedJun 22, 2021
    risk 0.36cvss 5.5epss 0.00

    In getEndItemSliceAction of MediaOutputSlice.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0542MedJun 22, 2021
    risk 0.36cvss 5.5epss 0.00

    In updateNotification of BeamTransferManager.java, there is a missing permission check. This could lead to local information disclosure of paired Bluetooth addresses with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2021-0572MedJun 22, 2021
    risk 0.36cvss 5.5epss 0.00

    In doNotification of AccountManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0562MedJun 22, 2021
    risk 0.36cvss 5.5epss 0.00

    In RasterIntraUpdate of motion_est.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0556MedJun 22, 2021
    risk 0.36cvss 5.5epss 0.00

    In getBlockSum of fastcodemb.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0554MedJun 22, 2021
    risk 0.36cvss 5.5epss 0.00

    In isBackupServiceActive of BackupManagerService.java, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android…

  • CVE-2021-0521MedJun 21, 2021
    risk 0.36cvss 5.5epss 0.00

    In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of cross-user permissions with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-0484MedJun 11, 2021
    risk 0.36cvss 5.5epss 0.00

    In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0480MedJun 11, 2021
    risk 0.36cvss 5.5epss 0.00

    In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2021-0444MedApr 13, 2021
    risk 0.36cvss 5.5epss 0.00

    In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0436MedApr 13, 2021
    risk 0.36cvss 5.5epss 0.00

    In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0428MedApr 13, 2021
    risk 0.36cvss 5.5epss 0.00

    In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for…

  • CVE-2021-0400MedApr 13, 2021
    risk 0.36cvss 5.5epss 0.00

    In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User…

  • CVE-2021-0463MedMar 10, 2021
    risk 0.36cvss 5.5epss 0.00

    In convertToHidl of convert.cpp, there is a possible out of bounds read due to uninitialized data from ReturnFrameworkMessage. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2021-0382MedMar 10, 2021
    risk 0.36cvss 5.5epss 0.00

    In checkSlicePermission of SliceManagerService.java, there is a possible resource exposure due to an incorrect permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-0381MedMar 10, 2021
    risk 0.36cvss 5.5epss 0.00

    In updateNotifications of DeviceStorageMonitorService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0375MedMar 10, 2021
    risk 0.36cvss 5.5epss 0.00

    In onPackageModified of VoiceInteractionManagerService.java, there is a possible change of default applications due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-0338MedFeb 10, 2021
    risk 0.36cvss 5.5epss 0.00

    In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-27098MedJan 26, 2021
    risk 0.36cvss 5.5epss 0.00

    In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access contacts due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for…

Page 148 of 236