VYPR

Vendor CVEs

Google

All CVEs

11,416 total · sorted by risk
  • CVE-2021-39721MedMar 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…

  • CVE-2021-39719MedMar 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39718MedMar 16, 2022
    risk 0.44cvss 6.7epss 0.00

    In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39683MedJan 14, 2022
    risk 0.44cvss 6.7epss 0.00

    In copy_from_mbox of sss_ice_util.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-39656MedDec 15, 2021
    risk 0.44cvss 6.7epss 0.00

    In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39652MedDec 15, 2021
    risk 0.44cvss 6.7epss 0.00

    In sec_ts_parsing_cmds of (TBD), there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-39650MedDec 15, 2021
    risk 0.44cvss 6.7epss 0.00

    In (TBD) of (TBD), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…

  • CVE-2021-39649MedDec 15, 2021
    risk 0.44cvss 6.7epss 0.00

    In regmap_exit of regmap.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-39643MedDec 15, 2021
    risk 0.44cvss 6.7epss 0.00

    In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39639MedDec 15, 2021
    risk 0.44cvss 6.8epss 0.00

    In TBD of fvp.c, there is a possible way to glitch CPU behavior due to a missing permission check. This could lead to local escalation of privilege with physical access to device internals with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-39638MedDec 15, 2021
    risk 0.44cvss 6.7epss 0.00

    In periodic_io_work_func of lwis_periodic_io.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-1024MedDec 15, 2021
    risk 0.44cvss 6.7epss 0.00

    In onEventReceived of EventResultPersister.java, there is a possible intent redirection due to a confused deputy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0941MedOct 25, 2021
    risk 0.44cvss 6.7epss 0.00

    In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0940MedOct 25, 2021
    risk 0.44cvss 6.7epss 0.00

    In TBD of TBD, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…

  • CVE-2021-0935MedOct 25, 2021
    risk 0.44cvss 6.7epss 0.00

    In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…

  • CVE-2021-0691MedOct 6, 2021
    risk 0.44cvss 6.7epss 0.00

    In the SELinux policy configured in system_app.te, there is a possible way for system_app to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local escalation of privilege with System execution privileges needed. User…

  • CVE-2021-30597MedAug 26, 2021
    risk 0.44cvss 6.8epss 0.01

    Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.

  • CVE-2021-30594MedAug 26, 2021
    risk 0.44cvss 6.8epss 0.01

    Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.

  • CVE-2021-0606MedJun 22, 2021
    risk 0.44cvss 6.7epss 0.00

    In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a possible use after free due to incorrect refcounting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0540MedJun 22, 2021
    risk 0.44cvss 6.7epss 0.00

    In halWrapperDataCallback of hal_wrapper.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2010-2525HigJun 22, 2021
    risk 0.44cvss 7.8epss 0.00

    A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An unprivileged local attacker could exploit this flaw to gain access or execute any file stored in the gfs2 file system.

  • CVE-2021-0467MedJun 14, 2021
    risk 0.44cvss 6.8epss 0.00

    In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-21216MedApr 26, 2021
    risk 0.44cvss 6.5epss 0.22

    Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.

  • CVE-2021-0488MedApr 15, 2021
    risk 0.44cvss 6.7epss 0.00

    In pb_write of pb_encode.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0462MedMar 10, 2021
    risk 0.44cvss 6.7epss 0.00

    In the NXP NFC firmware, there is a possible insecure firmware update due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid…

  • CVE-2021-0461MedMar 10, 2021
    risk 0.44cvss 6.7epss 0.00

    In iaxxx_core_sensor_change_state of iaxxx-module.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0456MedMar 10, 2021
    risk 0.44cvss 6.7epss 0.00

    In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0455MedMar 10, 2021
    risk 0.44cvss 6.7epss 0.00

    In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0454MedMar 10, 2021
    risk 0.44cvss 6.7epss 0.00

    In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-21177MedMar 9, 2021
    risk 0.44cvss 6.5epss 0.17

    Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2021-0406MedFeb 26, 2021
    risk 0.44cvss 6.7epss 0.00

    In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…

  • CVE-2021-0402MedFeb 26, 2021
    risk 0.44cvss 6.7epss 0.00

    In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:…

  • CVE-2020-22475MedFeb 22, 2021
    risk 0.44cvss 6.8epss 0.00

    "Tasks" application version before 9.7.3 is affected by insecure permissions. The VoiceCommandActivity application component allows arbitrary applications on a device to add tasks with no restrictions.

  • CVE-2021-21140MedFeb 9, 2021
    risk 0.44cvss 6.8epss 0.01

    Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.

  • CVE-2021-21135MedFeb 9, 2021
    risk 0.44cvss 6.5epss 0.19

    Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-0345MedFeb 4, 2021
    risk 0.44cvss 6.7epss 0.00

    In mobile_log_d, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10,…

  • CVE-2021-0364MedFeb 3, 2021
    risk 0.44cvss 6.7epss 0.00

    In mobile_log_d, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…

  • CVE-2021-0363MedFeb 3, 2021
    risk 0.44cvss 6.7epss 0.00

    In mobile_log_d, there is a possible command injection due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…

  • CVE-2021-0361MedFeb 3, 2021
    risk 0.44cvss 6.7epss 0.00

    In kisd, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:…

  • CVE-2021-0359MedFeb 3, 2021
    risk 0.44cvss 6.7epss 0.00

    In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch…

  • CVE-2021-0357MedFeb 3, 2021
    risk 0.44cvss 6.7epss 0.00

    In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch…

  • CVE-2021-0356MedFeb 3, 2021
    risk 0.44cvss 6.7epss 0.00

    In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11;…

  • CVE-2021-0354MedFeb 3, 2021
    risk 0.44cvss 6.7epss 0.00

    In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10,…

  • CVE-2021-0301MedJan 11, 2021
    risk 0.44cvss 6.7epss 0.00

    In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android SoC; Android ID:…

  • CVE-2021-0342MedJan 11, 2021
    risk 0.44cvss 6.7epss 0.00

    In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel;…

  • CVE-2020-27066MedDec 15, 2020
    risk 0.44cvss 6.7epss 0.00

    In xfrm6_tunnel_free_spi of net/ipv6/xfrm6_tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0483MedDec 15, 2020
    risk 0.44cvss 6.7epss 0.00

    In DrmManagerService::~DrmManagerService() of DrmManagerService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0465MedDec 14, 2020
    risk 0.44cvss 6.8epss 0.00

    In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0347MedSep 18, 2020
    risk 0.44cvss 6.7epss 0.00

    In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0334MedSep 18, 2020
    risk 0.44cvss 6.7epss 0.00

    In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

Page 117 of 229