CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0646
https://notcve.org/view.php?id=CVE-2021-0646
17 Aug 2021 — In sqlite3_str_vappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-153352319 En la función sqlite3_str_vappendf del archivo sqlite3.c, se presenta una posible escritura f... • https://source.android.com/security/bulletin/2021-08-01 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-25443
https://notcve.org/view.php?id=CVE-2021-25443
05 Aug 2021 — A use after free vulnerability in conn_gadget driver prior to SMR AUG-2021 Release 1 allows malicious action by an attacker. Una vulnerabilidad de uso de memoria previamente liberada en el controlador conn_gadget anterior a versión 1 de SMR AUG-2021, permite una acción maliciosa por parte de un atacante • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=8 • CWE-416: Use After Free CWE-825: Expired Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0587
https://notcve.org/view.php?id=CVE-2021-0587
14 Jul 2021 — In StreamOut::prepareForWriting of StreamOut.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185259758 En la función StreamOut::prepareForWriting del archivo StreamOut.cpp, se presenta una posible escritura fuera de límites debido a un uso de memoria previamente... • https://source.android.com/security/bulletin/2021-07-01 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0585
https://notcve.org/view.php?id=CVE-2021-0585
14 Jul 2021 — In beginWrite and beginRead of MessageQueueBase.h, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-184963385 En las funciones beginWrite y beginRead del archivo MessageQueueBase.h, se presenta una posible escritura fuera de límites debido a una comprobación inaprop... • https://source.android.com/security/bulletin/2021-07-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0603
https://notcve.org/view.php?id=CVE-2021-0603
14 Jul 2021 — In onCreate of ContactSelectionActivity.java, there is a possible way to get access to contacts without permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-182809425 En la función onCreate del archivo ContactSelectionActivity.java, se presenta una posible manera de conseguir acceso a los contactos sin permiso debido a un ataque de ti... • https://source.android.com/security/bulletin/2021-07-01 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-0586
https://notcve.org/view.php?id=CVE-2021-0586
14 Jul 2021 — In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-182584940 En la función onCreate del archivo DevicePickerFragment.java, se presenta una posible manera de engañar al usuario para... • https://github.com/nanopathi/packages_apps_Settings_CVE-2021-0586 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0596
https://notcve.org/view.php?id=CVE-2021-0596
14 Jul 2021 — In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181346550 En la función phNciNfc_RecvMfResp del archivo phNxpExtns_MifareStd.cpp, se presenta una posible lectura fuera de límites debido a una falta de ... • https://source.android.com/security/bulletin/2021-07-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2021-0589
https://notcve.org/view.php?id=CVE-2021-0589
14 Jul 2021 — In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180939982 En la función BTM_TryAllocateSCN del archivo btm_scn.cc, se presenta una posible escritura fuera de límites debido a una comprobación incorrecta de límites. Esto podría con... • https://github.com/Trinadh465/System_bt_AOSP10_r33_CVE-2021-0589 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0601
https://notcve.org/view.php?id=CVE-2021-0601
14 Jul 2021 — In encodeFrames of avc_enc_fuzzer.cpp, there is a possible out of bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-180643802 En la función encodeFrames del archivo avc_enc_fuzzer.cpp, se presenta una posible escritura fuera de límites debido a una doble liberación. Esto podría conllevar a una divul... • https://source.android.com/security/bulletin/2021-07-01 • CWE-415: Double Free CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0604
https://notcve.org/view.php?id=CVE-2021-0604
14 Jul 2021 — In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179910660 En la función generateFileInfo del archivo BluetoothOppSendFileInfo.java, se presenta una posible manera de compartir archivos privados a... • https://source.android.com/security/bulletin/2021-07-01 •