VYPR

Vendor CVEs

Google

All CVEs

11,367 total · sorted by risk
  • CVE-2022-20174MedJun 15, 2022
    risk 0.29cvss 4.4epss 0.00

    In exynos_secEnv_init of mach-gs101.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2022-20165MedJun 15, 2022
    risk 0.29cvss 4.4epss 0.00

    In asn1_parse of asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2022-20162MedJun 15, 2022
    risk 0.29cvss 4.4epss 0.00

    In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2022-20159MedJun 15, 2022
    risk 0.29cvss 4.4epss 0.00

    In asn1_ec_pkey_parse of acropora/crypto/asn1_common.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39730MedMar 16, 2022
    risk 0.29cvss 4.4epss 0.00

    In TBD of TBD, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:…

  • CVE-2021-39724MedMar 16, 2022
    risk 0.29cvss 4.4epss 0.00

    In TuningProviderBase::GetTuningTreeSet of tuning_provider_base.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39722MedMar 16, 2022
    risk 0.29cvss 4.4epss 0.00

    In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39717MedMar 16, 2022
    risk 0.29cvss 4.4epss 0.00

    In iaxxx_btp_write_words of iaxxx-btp.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39715MedMar 16, 2022
    risk 0.29cvss 4.4epss 0.00

    In __show_regs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39711MedMar 16, 2022
    risk 0.29cvss 4.4epss 0.00

    In bpf_prog_test_run_skb of test_run.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2022-24925MedFeb 11, 2022
    risk 0.29cvss 4.4epss 0.00

    Improper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denial of service attack on a victim's devices.

  • CVE-2021-39680MedJan 14, 2022
    risk 0.29cvss 4.4epss 0.00

    In sec_SHA256_Transform of sha256_core.c, there is a possible way to read heap data due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39657MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-39647MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In mon_smc_load_sp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smc_booting.S, there is a possible reinitialization of TEE due to improper locking. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-39637MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In CreateDeviceInfo of trusty_remote_provisioning_context.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-39636MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-1047MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In valid_ipc_dram_addr of cm_access_control.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-1046MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In lwis_dpm_update_clock of lwis_device_dpm.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-1042MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In dsi_panel_debugfs_read_cmdset of dsi_panel.c, there is a possible disclosure of freed kernel heap memory due to a use after free. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-1008MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In addSubInfo of SubscriptionController.java, there is a possible way to force the user to make a factory reset due to a logic error in the code. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-1007MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In btu_hcif_process_event of btu_hcif.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-1006MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In several functions of DatabaseManager.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0961MedDec 15, 2021
    risk 0.29cvss 4.4epss 0.00

    In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0939MedOct 25, 2021
    risk 0.29cvss 4.4epss 0.00

    In set_default_passthru_cfg of passthru.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0590MedJul 14, 2021
    risk 0.29cvss 4.4epss 0.00

    In sendNetworkConditionsBroadcast of NetworkMonitor.java, there is a possible way for a privileged app to receive WiFi BSSID and SSID without location permissions due to a missing permission check. This could lead to local information disclosure with System execution privileges…

  • CVE-2021-0605MedJun 22, 2021
    risk 0.29cvss 4.4epss 0.00

    In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0549MedJun 22, 2021
    risk 0.29cvss 4.4epss 0.00

    In sspRequestCallback of BondStateMachine.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for…

  • CVE-2021-0566MedJun 22, 2021
    risk 0.29cvss 4.4epss 0.00

    In accessAudioHalPidscpp of TimeCheck.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-30538MedJun 7, 2021
    risk 0.29cvss 4.3epss 0.16

    Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2021-0460MedMar 10, 2021
    risk 0.29cvss 4.4epss 0.00

    In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0459MedMar 10, 2021
    risk 0.29cvss 4.4epss 0.00

    In fts_driver_test_write of fts_proc.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0458MedMar 10, 2021
    risk 0.29cvss 4.4epss 0.00

    In the FingerTipS touch screen driver, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0453MedMar 10, 2021
    risk 0.29cvss 4.4epss 0.00

    In the Titan-M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0452MedMar 10, 2021
    risk 0.29cvss 4.4epss 0.00

    In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0451MedMar 10, 2021
    risk 0.29cvss 4.4epss 0.00

    In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0450MedMar 10, 2021
    risk 0.29cvss 4.4epss 0.00

    In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0449MedMar 10, 2021
    risk 0.29cvss 4.4epss 0.00

    In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2021-0374MedMar 10, 2021
    risk 0.29cvss 4.4epss 0.00

    In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-0403MedFeb 26, 2021
    risk 0.29cvss 4.4epss 0.00

    In netdiag, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID:…

  • CVE-2021-0350MedFeb 4, 2021
    risk 0.29cvss 4.4epss 0.00

    In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10,…

  • CVE-2020-27053MedDec 15, 2020
    risk 0.29cvss 4.4epss 0.00

    In broadcastWifiCredentialChanged of ClientModeImpl.java, there is a possible location permission bypass due to a missing permission check. This could lead to local information disclosure of the WiFi network name with System execution privileges needed. User interaction is not…

  • CVE-2020-27040MedDec 15, 2020
    risk 0.29cvss 4.4epss 0.00

    In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for…

  • CVE-2020-27028MedDec 15, 2020
    risk 0.29cvss 4.4epss 0.00

    In filter_incoming_event of hci_layer.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-27023MedDec 15, 2020
    risk 0.29cvss 4.4epss 0.00

    In setErrorPlaybackState of BluetoothMediaBrowserService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0476MedDec 15, 2020
    risk 0.29cvss 4.4epss 0.00

    In onNotificationRemoved of Assistant.java, there is a possible leak of sensitive information to logs. This could lead to local information disclosure with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0349MedSep 18, 2020
    risk 0.29cvss 4.4epss 0.00

    In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-139188779

  • CVE-2020-0325MedSep 18, 2020
    risk 0.29cvss 4.4epss 0.00

    In NFC, there is a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-145079309

  • CVE-2020-0282MedSep 18, 2020
    risk 0.29cvss 4.5epss 0.01

    In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction are needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0407MedSep 17, 2020
    risk 0.29cvss 4.4epss 0.00

    In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are used and later are truncated to 32 bits. This may cause IV reuse and thus…

  • CVE-2020-0164MedJun 11, 2020
    risk 0.29cvss 4.4epss 0.00

    In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

Page 162 of 228