Filtered by vendor Google
Subscribe
Total
11915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25469 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 4.6 MEDIUM | 6.7 MEDIUM |
| A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | |||||
| CVE-2021-25471 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 5.0 MEDIUM | 7.5 HIGH |
| A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion. | |||||
| CVE-2021-25479 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 6.5 MEDIUM | 7.2 HIGH |
| A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25478 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 6.5 MEDIUM | 7.2 HIGH |
| A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25477 | 2 Google, Mediatek | 4 Android, Mt6762, Mt6765 and 1 more | 2021-10-13 | 4.0 MEDIUM | 4.9 MEDIUM |
| An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service. | |||||
| CVE-2021-25483 | 1 Google | 1 Android | 2021-10-13 | 5.0 MEDIUM | 6.5 MEDIUM |
| Lack of boundary checking of a buffer in livfivextractor library prior to SMR Oct-2021 Release 1 allows OOB read. | |||||
| CVE-2021-25480 | 2 Google, Qualcomm | 2 Android, Qualcomm | 2021-10-13 | 5.0 MEDIUM | 7.5 HIGH |
| A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection. | |||||
| CVE-2021-25482 | 1 Google | 1 Android | 2021-10-13 | 3.6 LOW | 4.4 MEDIUM |
| SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information. | |||||
| CVE-2021-25481 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory. | |||||
| CVE-2021-25485 | 1 Google | 1 Android | 2021-10-13 | 5.8 MEDIUM | 8.0 HIGH |
| Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket. | |||||
| CVE-2021-25486 | 1 Google | 1 Android | 2021-10-13 | 2.1 LOW | 3.3 LOW |
| Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log. | |||||
| CVE-2021-25484 | 1 Google | 1 Android | 2021-10-13 | 2.1 LOW | 3.3 LOW |
| Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event. | |||||
| CVE-2021-25488 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 2.1 LOW | 5.5 MEDIUM |
| Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read. | |||||
| CVE-2021-25487 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 4.6 MEDIUM | 7.8 HIGH |
| Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. | |||||
| CVE-2021-25491 | 2 Google, Samsung | 2 Android, Exynos | 2021-10-13 | 2.1 LOW | 4.4 MEDIUM |
| A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference. | |||||
| CVE-2021-25475 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2021-10-13 | 7.2 HIGH | 6.7 MEDIUM |
| A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25474 | 1 Google | 1 Android | 2021-10-13 | 4.9 MEDIUM | 4.4 MEDIUM |
| Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset. | |||||
| CVE-2021-25473 | 1 Google | 1 Android | 2021-10-13 | 4.9 MEDIUM | 4.4 MEDIUM |
| Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_hide_by_meadia_full value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset. | |||||
| CVE-2021-0636 | 1 Google | 1 Android | 2021-10-08 | 6.8 MEDIUM | 7.8 HIGH |
| When extracting the incorrectly formatted avi file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product: Androidversion: Android-10Android ID: A-189392423 | |||||
| CVE-2021-0635 | 1 Google | 1 Android | 2021-10-08 | 6.8 MEDIUM | 7.8 HIGH |
| When extracting the incorrectly formatted flv file, the memory is damaged, the playback interface shows that the video cannot be played, and the log is found to be crashed. This problem may lead to hacker malicious code attacks, resulting in the loss of user rights.Product: Androidversion:Android-10Android ID: A-189402477 | |||||