Filtered by vendor Google
Subscribe
Total
11915 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-0355 | 1 Google | 1 Android | 2021-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| In kisd, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425581. | |||||
| CVE-2021-0361 | 1 Google | 1 Android | 2021-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| In kisd, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05449968. | |||||
| CVE-2021-0362 | 1 Google | 1 Android | 2021-02-04 | 4.6 MEDIUM | 6.7 MEDIUM |
| In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457070. | |||||
| CVE-2020-0431 | 2 Google, Opensuse | 2 Android, Leap | 2021-02-03 | 4.6 MEDIUM | 6.7 MEDIUM |
| In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-144161459 | |||||
| CVE-2021-1068 | 2 Google, Nvidia | 2 Android, Shield Experience | 2021-01-28 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVDEC component, in which an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2021-1067 | 2 Google, Nvidia | 2 Android, Shield Experience | 2021-01-28 | 4.6 MEDIUM | 6.8 MEDIUM |
| NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2021-1069 | 2 Google, Nvidia | 9 Android, Jetson Agx Xavier, Jetson Nano and 6 more | 2021-01-27 | 3.6 LOW | 6.1 MEDIUM |
| NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss. | |||||
| CVE-2020-16046 | 2 Apple, Google | 2 Iphone Os, Chrome | 2021-01-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| Script injection in iOSWeb in Google Chrome on iOS prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | |||||
| CVE-2020-16045 | 1 Google | 2 Android, Chrome | 2021-01-19 | 6.8 MEDIUM | 9.6 CRITICAL |
| Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2021-0301 | 1 Google | 1 Android | 2021-01-13 | 4.6 MEDIUM | 6.7 MEDIUM |
| In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android SoC; Android ID: A-172514667. | |||||
| CVE-2021-0342 | 1 Google | 1 Android | 2021-01-13 | 4.6 MEDIUM | 6.7 MEDIUM |
| In tun_get_user of tun.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges required. User interaction is not required for exploitation. Product: Android; Versions: Android kernel; Android ID: A-146554327. | |||||
| CVE-2021-0322 | 1 Google | 1 Android | 2021-01-13 | 1.9 LOW | 5.0 MEDIUM |
| In onCreate of SlicePermissionActivity.java, there is a possible misleading string displayed due to improper input validation. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: Android; Versions: Android-10, Android-11, Android-9; Android ID: A-159145361. | |||||
| CVE-2021-0320 | 1 Google | 1 Android | 2021-01-13 | 1.9 LOW | 4.7 MEDIUM |
| In is_device_locked and set_device_locked of keystore_keymaster_enforcement.h, there is a possible bypass of lockscreen requirements for keyguard bound keys due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Android ID: A-169933423. | |||||
| CVE-2021-0319 | 1 Google | 1 Android | 2021-01-13 | 4.4 MEDIUM | 7.3 HIGH |
| In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a nearby Bluetooth device's MAC address without appropriate permissions due to a permissions bypass. This could lead to local escalation of privilege that grants access to nearby MAC addresses, with User execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.0, Android-8.1, Android-9, Android-10, Android-11; Android ID: A-167244818. | |||||
| CVE-2021-0316 | 1 Google | 1 Android | 2021-01-13 | 10.0 HIGH | 9.8 CRITICAL |
| In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-8.0, Android-8.1, Android-9, Android-10; Android ID: A-168802990. | |||||
| CVE-2021-0315 | 1 Google | 1 Android | 2021-01-13 | 4.4 MEDIUM | 7.3 HIGH |
| In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the user to grant an app access to an account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-169763814. | |||||
| CVE-2021-0313 | 1 Google | 1 Android | 2021-01-13 | 7.8 HIGH | 7.5 HIGH |
| In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170968514. | |||||
| CVE-2021-0312 | 1 Google | 1 Android | 2021-01-13 | 7.1 HIGH | 6.5 MEDIUM |
| In WAVSource::read of WAVExtractor.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-170583712. | |||||
| CVE-2021-0311 | 1 Google | 1 Android | 2021-01-13 | 7.1 HIGH | 6.5 MEDIUM |
| In ElementaryStreamQueue::dequeueAccessUnitH264() of ESQueue.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170240631. | |||||
| CVE-2021-0318 | 1 Google | 1 Android | 2021-01-13 | 7.2 HIGH | 7.8 HIGH |
| In appendEventsToCacheLocked of SensorEventConnection.cpp, there is a possible out of bounds write due to a use-after-free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-8.1, Android-10, Android-11; Android ID: A-168211968. | |||||