CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-0392
https://notcve.org/view.php?id=CVE-2021-0392
10 Mar 2021 — In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-175124730 En el archivo main.cpp, se presenta una posible corrupción de memoria debido a una doble liberación. Esto podría conllevar a una escalada de privilegios local con los privilegios de ejecución User necesarios.&... • https://github.com/uthrasri/System_Connectivity_Wificond_CVE-2021-0392 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-0390
https://notcve.org/view.php?id=CVE-2021-0390
10 Mar 2021 — In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174749461 En varios métodos del archivo WifiNetworkSuggestionsManager.java, se presenta una posi... • https://github.com/uthrasri/frameworks_opt_net_wifi_CVE-2021-0390 • CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 13%CPEs: 4EXPL: 1CVE-2021-0397
https://notcve.org/view.php?id=CVE-2021-0397
10 Mar 2021 — In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148 En la función sdp_copy_raw_data del archivo sdp_discovery.cc, se presenta un posible compromiso del sistema debido a una doble liberación. Esto podría conllevar a una ejecució... • https://github.com/Satheesh575555/System_bt_AOSP10-r33_CVE-2021-0397 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-0391
https://notcve.org/view.php?id=CVE-2021-0391
10 Mar 2021 — In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-172841550 En la función onCreate() del archivo ChooseTypeAndAccountActivity.java, se presenta una manera posible de conocer la... • https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0391 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-0394
https://notcve.org/view.php?id=CVE-2021-0394
10 Mar 2021 — In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-172655291 En la función android_os_Parcel_readString8 del archivo android_os_Parcel.cpp, se presenta una posible lectura fuera de límites debido a que falta... • https://github.com/Trinadh465/platform_art_CVE-2021-0394 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 1CVE-2021-0393
https://notcve.org/view.php?id=CVE-2021-0393
10 Mar 2021 — In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-168041375 En la función Scanner::LiteralBuffer::NewCapacity del archivo scanner.cc, se presenta una posible escritura fuer... • https://github.com/Trinadh465/external_v8_AOSP10_r33_CVE-2021-0393 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 6%CPEs: 4EXPL: 1CVE-2021-0396
https://notcve.org/view.php?id=CVE-2021-0396
10 Mar 2021 — In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-160610106 En la función Builtins::Generate_ArgumentsAdaptorTrampoline del archivo builtins-arm.cc y arch... • https://github.com/Satheesh575555/external_v8_AOSP10_r33_CVE-2021-0396 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-25346 – Samsung Galaxy S20 libimagecodec Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-25346
04 Mar 2021 — A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution. Una posible vulnerabilidad de sobrescritura de memoria arbitraria en la biblioteca quram versión anterior a SMR Jan-2021 Release 1, permite una ejecución de código arbitraria This vulnerability allows remote attackers to disclose sensitive information on affected installations of Samsung Galaxy S20. User interaction is required to exploit this vulnerability in that t... • https://security.samsungmobile.com • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-25347
https://notcve.org/view.php?id=CVE-2021-25347
04 Mar 2021 — Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed. La vulnerabilidad de secuestro en la aplicación Samsung Email versión anterior a SMR Feb-2021 Release 1, permite a los atacantes interceptar cuando el proveedor es ejecutado • https://security.samsungmobile.com • CWE-287: Improper Authentication •
CVSS: 4.0EPSS: 0%CPEs: 65EXPL: 0CVE-2021-25343
https://notcve.org/view.php?id=CVE-2021-25343
04 Mar 2021 — Calling of non-existent provider in Samsung Members prior to version 2.4.81.13 (in Android O(8.1) and below) and 3.8.00.13 (in Android P(9.0) and above) allows unauthorized actions including denial of service attack by hijacking the provider. Llamar a un proveedor inexistente en Samsung Members anterior a la versión 2.4.81.13 (en Android O(8.1) y por debajo) y 3.8.00.13 (en Android P(9.0) y por encima), permite acciones no autorizadas, incluyendo el ataque de denegación de servicio al secuestrar el proveedo... • https://security.samsungmobile.com • CWE-287: Improper Authentication •