CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0539
https://notcve.org/view.php?id=CVE-2021-0539
22 Jun 2021 — In archiveStoredConversation of MmsService.java, there is a possible way to archive message conversation without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-180419673 En la función archiveStoredConversation del archivo MmsService.java, se presenta una manera posible de archivar la conversación de mensajes sin el... • https://source.android.com/security/bulletin/pixel/2021-06-01 • CWE-862: Missing Authorization •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0538
https://notcve.org/view.php?id=CVE-2021-0538
22 Jun 2021 — In onCreate of EmergencyCallbackModeExitDialog.java, there is a possible exit of emergency callback mode due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-178821491 En la función onCreate del archivo EmergencyCallbackModeExitDialog.java, se presenta una posible salida del modo de devolución de llamada de emergencia debido a un ataque de tapja... • https://source.android.com/security/bulletin/pixel/2021-06-01 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0537
https://notcve.org/view.php?id=CVE-2021-0537
22 Jun 2021 — In onCreate of WiFiInstaller.java, there is a possible way to install a malicious Hotspot 2.0 configuration due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-176756141 En la función onCreate del archivo WiFiInstaller.java, se presenta una manera posible de instalar una configuración maliciosa de Hotspot versión 2.0 debido a un ataque de tapja... • https://source.android.com/security/bulletin/pixel/2021-06-01 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0536
https://notcve.org/view.php?id=CVE-2021-0536
22 Jun 2021 — In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-176756691 En la función dropFile del archivo WiFiInstaller, se presenta una manera de eliminar los archivos accesibles a CertInstaller debido a un problema de tipo confused deputy. Esto podría conllevar... • https://source.android.com/security/bulletin/pixel/2021-06-01 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0535
https://notcve.org/view.php?id=CVE-2021-0535
22 Jun 2021 — In wpas_ctrl_msg_queue_timeout of ctrl_iface_unix.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168314741 En la función wpas_ctrl_msg_queue_timeout del archivo ctrl_iface_unix.c, se presenta una posible corrupción de memoria debido a un uso de memoria previamente liberada. Esto podría conllevar a una es... • https://source.android.com/security/bulletin/pixel/2021-06-01 • CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0566
https://notcve.org/view.php?id=CVE-2021-0566
22 Jun 2021 — In accessAudioHalPidscpp of TimeCheck.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-175894436 En la función accessAudioHalPidscpp del archivo TimeCheck.cpp, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una divulgación de ... • https://source.android.com/security/bulletin/pixel/2021-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0563
https://notcve.org/view.php?id=CVE-2021-0563
22 Jun 2021 — In ih264e_fmt_conv_422i_to_420sp of ih264e_fmt_conv.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-172908358 En la función ih264e_fmt_conv_422i_to_420sp del archivo ih264e_fmt_conv.c, se presenta una posible lectura fuera de límites debido a un desbordamiento del búfer de la pila. Esto podrí... • https://source.android.com/security/bulletin/pixel/2021-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0562
https://notcve.org/view.php?id=CVE-2021-0562
22 Jun 2021 — In RasterIntraUpdate of motion_est.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-176084648 En la función RasterIntraUpdate del archivo motion_est.cpp, se presenta una posible lectura fuera de límites debido a una comprobación de límites incorrecta. Esto podría conllevar a una divulgaci... • https://source.android.com/security/bulletin/pixel/2021-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-0561 – flac: out of bound write in append_to_verify_fifo_interleaved_ of stream_encoder.c
https://notcve.org/view.php?id=CVE-2021-0561
22 Jun 2021 — In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683 En la función append_to_verify_fifo_interleaved_ del archivo stream_encoder.c, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. E... • https://lists.debian.org/debian-lts-announce/2022/03/msg00022.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0559
https://notcve.org/view.php?id=CVE-2021-0559
22 Jun 2021 — In Lag_max of p_ol_wgh.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-172312730 En la función Lag_max del archivo p_ol_wgh.cpp, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. Esto podría conllevar a una divulgación de información remota sin ser... • https://source.android.com/security/bulletin/pixel/2021-06-01 • CWE-125: Out-of-bounds Read •