Vendor CVEs
All CVEs
11,416 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-39721 | Med | 0.44 | 6.7 | 0.00 | Mar 16, 2022 | In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:… | ||
| CVE-2021-39719 | Med | 0.44 | 6.7 | 0.00 | Mar 16, 2022 | In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2021-39718 | Med | 0.44 | 6.7 | 0.00 | Mar 16, 2022 | In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for… | ||
| CVE-2021-39683 | Med | 0.44 | 6.7 | 0.00 | Jan 14, 2022 | In copy_from_mbox of sss_ice_util.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2021-39656 | Med | 0.44 | 6.7 | 0.00 | Dec 15, 2021 | In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2021-39652 | Med | 0.44 | 6.7 | 0.00 | Dec 15, 2021 | In sec_ts_parsing_cmds of (TBD), there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2021-39650 | Med | 0.44 | 6.7 | 0.00 | Dec 15, 2021 | In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:… | ||
| CVE-2021-39649 | Med | 0.44 | 6.7 | 0.00 | Dec 15, 2021 | In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2021-39643 | Med | 0.44 | 6.7 | 0.00 | Dec 15, 2021 | In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for… | ||
| CVE-2021-39639 | Med | 0.44 | 6.8 | 0.00 | Dec 15, 2021 | In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check. This could lead to local escalation of privilege with physical access to device internals with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2021-39638 | Med | 0.44 | 6.7 | 0.00 | Dec 15, 2021 | In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2021-1024 | Med | 0.44 | 6.7 | 0.00 | Dec 15, 2021 | In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2021-0941 | Med | 0.44 | 6.7 | 0.00 | Oct 25, 2021 | In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2021-0940 | Med | 0.44 | 6.7 | 0.00 | Oct 25, 2021 | In TBD of TBD, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid… | ||
| CVE-2021-0935 | Med | 0.44 | 6.7 | 0.00 | Oct 25, 2021 | In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid… | ||
| CVE-2021-0691 | Med | 0.44 | 6.7 | 0.00 | Oct 6, 2021 | In the SELinux policy configured in system_app.te, there is a possible way for system_app to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local escalation of privilege with System execution privileges needed. User… | ||
| CVE-2021-30597 | Med | 0.44 | 6.8 | 0.01 | Aug 26, 2021 | Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device. | ||
| CVE-2021-30594 | Med | 0.44 | 6.8 | 0.01 | Aug 26, 2021 | Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device. | ||
| CVE-2021-0606 | Med | 0.44 | 6.7 | 0.00 | Jun 22, 2021 | In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a possible use after free due to incorrect refcounting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2021-0540 | Med | 0.44 | 6.7 | 0.00 | Jun 22, 2021 | In halWrapperDataCallback of hal_wrapper.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2010-2525 | Hig | 0.44 | 7.8 | 0.00 | Jun 22, 2021 | A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An unprivileged local attacker could exploit this flaw to gain access or execute any file stored in the gfs2 file system. | ||
| CVE-2021-0467 | Med | 0.44 | 6.8 | 0.00 | Jun 14, 2021 | In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for… | ||
| CVE-2021-21216 | Med | 0.44 | 6.5 | 0.22 | Apr 26, 2021 | Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page. | ||
| CVE-2021-0488 | Med | 0.44 | 6.7 | 0.00 | Apr 15, 2021 | In pb_write of pb_encode.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2021-0462 | Med | 0.44 | 6.7 | 0.00 | Mar 10, 2021 | In the NXP NFC firmware, there is a possible insecure firmware update due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid… | ||
| CVE-2021-0461 | Med | 0.44 | 6.7 | 0.00 | Mar 10, 2021 | In iaxxx_core_sensor_change_state of iaxxx-module.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2021-0456 | Med | 0.44 | 6.7 | 0.00 | Mar 10, 2021 | In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2021-0455 | Med | 0.44 | 6.7 | 0.00 | Mar 10, 2021 | In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2021-0454 | Med | 0.44 | 6.7 | 0.00 | Mar 10, 2021 | In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android… | ||
| CVE-2021-21177 | Med | 0.44 | 6.5 | 0.17 | Mar 9, 2021 | Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | ||
| CVE-2021-0406 | Med | 0.44 | 6.7 | 0.00 | Feb 26, 2021 | In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;… | ||
| CVE-2021-0402 | Med | 0.44 | 6.7 | 0.00 | Feb 26, 2021 | In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:… | ||
| CVE-2020-22475 | Med | 0.44 | 6.8 | 0.00 | Feb 22, 2021 | "Tasks" application version before 9.7.3 is affected by insecure permissions. The VoiceCommandActivity application component allows arbitrary applications on a device to add tasks with no restrictions. | ||
| CVE-2021-21140 | Med | 0.44 | 6.8 | 0.01 | Feb 9, 2021 | Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device. | ||
| CVE-2021-21135 | Med | 0.44 | 6.5 | 0.19 | Feb 9, 2021 | Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | ||
| CVE-2021-0345 | Med | 0.44 | 6.7 | 0.00 | Feb 4, 2021 | In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10,… | ||
| CVE-2021-0364 | Med | 0.44 | 6.7 | 0.00 | Feb 3, 2021 | In mobile_log_d, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;… | ||
| CVE-2021-0363 | Med | 0.44 | 6.7 | 0.00 | Feb 3, 2021 | In mobile_log_d, there is a possible command injection due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;… | ||
| CVE-2021-0361 | Med | 0.44 | 6.7 | 0.00 | Feb 3, 2021 | In kisd, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:… | ||
| CVE-2021-0359 | Med | 0.44 | 6.7 | 0.00 | Feb 3, 2021 | In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch… | ||
| CVE-2021-0357 | Med | 0.44 | 6.7 | 0.00 | Feb 3, 2021 | In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch… | ||
| CVE-2021-0356 | Med | 0.44 | 6.7 | 0.00 | Feb 3, 2021 | In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;… | ||
| CVE-2021-0354 | Med | 0.44 | 6.7 | 0.00 | Feb 3, 2021 | In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10,… | ||
| CVE-2021-0301 | Med | 0.44 | 6.7 | 0.00 | Jan 11, 2021 | In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android SoC; Android ID:… | ||
| CVE-2021-0342 | Med | 0.44 | 6.7 | 0.00 | Jan 11, 2021 | In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel;… | ||
| CVE-2020-27066 | Med | 0.44 | 6.7 | 0.00 | Dec 15, 2020 | In xfrm6_tunnel_free_spi of net/ipv6/xfrm6_tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:… | ||
| CVE-2020-0483 | Med | 0.44 | 6.7 | 0.00 | Dec 15, 2020 | In DrmManagerService::~DrmManagerService() of DrmManagerService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2020-0465 | Med | 0.44 | 6.8 | 0.00 | Dec 14, 2020 | In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2020-0347 | Med | 0.44 | 6.7 | 0.00 | Sep 18, 2020 | In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:… | ||
| CVE-2020-0334 | Med | 0.44 | 6.7 | 0.00 | Sep 18, 2020 | In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is not needed for exploitation.Product: AndroidVersions:… |
- risk 0.44cvss 6.7epss 0.00
In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…
- risk 0.44cvss 6.7epss 0.00
In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.44cvss 6.7epss 0.00
In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…
- risk 0.44cvss 6.7epss 0.00
In copy_from_mbox of sss_ice_util.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.44cvss 6.7epss 0.00
In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.44cvss 6.7epss 0.00
In sec_ts_parsing_cmds of (TBD), there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.44cvss 6.7epss 0.00
In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…
- risk 0.44cvss 6.7epss 0.00
In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.44cvss 6.7epss 0.00
In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…
- risk 0.44cvss 6.8epss 0.00
In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check. This could lead to local escalation of privilege with physical access to device internals with no additional execution privileges needed. User interaction is not needed for…
- risk 0.44cvss 6.7epss 0.00
In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.44cvss 6.7epss 0.00
In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.44cvss 6.7epss 0.00
In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.44cvss 6.7epss 0.00
In TBD of TBD, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…
- risk 0.44cvss 6.7epss 0.00
In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…
- risk 0.44cvss 6.7epss 0.00
In the SELinux policy configured in system_app.te, there is a possible way for system_app to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local escalation of privilege with System execution privileges needed. User…
- risk 0.44cvss 6.8epss 0.01
Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.
- risk 0.44cvss 6.8epss 0.01
Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.
- risk 0.44cvss 6.7epss 0.00
In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a possible use after free due to incorrect refcounting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.44cvss 6.7epss 0.00
In halWrapperDataCallback of hal_wrapper.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.44cvss 7.8epss 0.00
A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An unprivileged local attacker could exploit this flaw to gain access or execute any file stored in the gfs2 file system.
- risk 0.44cvss 6.8epss 0.00
In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for…
- risk 0.44cvss 6.5epss 0.22
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.
- risk 0.44cvss 6.7epss 0.00
In pb_write of pb_encode.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.44cvss 6.7epss 0.00
In the NXP NFC firmware, there is a possible insecure firmware update due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…
- risk 0.44cvss 6.7epss 0.00
In iaxxx_core_sensor_change_state of iaxxx-module.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.44cvss 6.7epss 0.00
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.44cvss 6.7epss 0.00
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.44cvss 6.7epss 0.00
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…
- risk 0.44cvss 6.5epss 0.17
Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
- risk 0.44cvss 6.7epss 0.00
In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…
- risk 0.44cvss 6.7epss 0.00
In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:…
- risk 0.44cvss 6.8epss 0.00
"Tasks" application version before 9.7.3 is affected by insecure permissions. The VoiceCommandActivity application component allows arbitrary applications on a device to add tasks with no restrictions.
- risk 0.44cvss 6.8epss 0.01
Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.
- risk 0.44cvss 6.5epss 0.19
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
- risk 0.44cvss 6.7epss 0.00
In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10,…
- risk 0.44cvss 6.7epss 0.00
In mobile_log_d, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…
- risk 0.44cvss 6.7epss 0.00
In mobile_log_d, there is a possible command injection due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…
- risk 0.44cvss 6.7epss 0.00
In kisd, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:…
- risk 0.44cvss 6.7epss 0.00
In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch…
- risk 0.44cvss 6.7epss 0.00
In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch…
- risk 0.44cvss 6.7epss 0.00
In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…
- risk 0.44cvss 6.7epss 0.00
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10,…
- risk 0.44cvss 6.7epss 0.00
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android SoC; Android ID:…
- risk 0.44cvss 6.7epss 0.00
In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel;…
- risk 0.44cvss 6.7epss 0.00
In xfrm6_tunnel_free_spi of net/ipv6/xfrm6_tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
- risk 0.44cvss 6.7epss 0.00
In DrmManagerService::~DrmManagerService() of DrmManagerService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.44cvss 6.8epss 0.00
In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.44cvss 6.7epss 0.00
In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…
- risk 0.44cvss 6.7epss 0.00
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is not needed for exploitation.Product: AndroidVersions:…
Page 117 of 229