CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 0CVE-2020-11836
https://notcve.org/view.php?id=CVE-2020-11836
05 Feb 2021 — OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 versions have an information leak vulnerability. The “adb shell getprop ro.vendor.aee.enforcing” or “adb shell getprop ro.vendor.aee.enforcing” return no. Los Teléfonos OPPO Android con chipset MTK y Android versiones 8.1/9/10/11, presentan una vulnerabilidad de filtrado de información. El "adb shell getprop ro.vendor.aee.enforcing" o "adb shell getprop ro.vendor.aee.enforcing" devuelven no • https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1357213888449617920 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0351
https://notcve.org/view.php?id=CVE-2021-0351
04 Feb 2021 — In wlan driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05412917. En el controlador wlan, se presenta un posible bloqueo del sistema debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-acknowledgements •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0350
https://notcve.org/view.php?id=CVE-2021-0350
04 Feb 2021 — In ged, there is a possible system crash due to an improper input validation. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05342338. En ged, se presenta un posible bloqueo del sistema debido a una comprobación inapropiada de la entrada. • https://corp.mediatek.com/product-security-acknowledgements • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2021-0349
https://notcve.org/view.php?id=CVE-2021-0349
04 Feb 2021 — In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS05362646. En el controlador de pantalla, se presenta una posible corrupción de la memoria debido a un uso de la memoria previamente liberada. • https://corp.mediatek.com/product-security-acknowledgements • CWE-416: Use After Free •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2021-0348
https://notcve.org/view.php?id=CVE-2021-0348
04 Feb 2021 — In vpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11; Patch ID: ALPS05349201. En vpu, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-acknowledgements • CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0347
https://notcve.org/view.php?id=CVE-2021-0347
04 Feb 2021 — In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05377188. En ccu, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-acknowledgements • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26687
https://notcve.org/view.php?id=CVE-2021-26687
04 Feb 2021 — An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In preloaded applications, the HostnameVerified default is mishandled. The LG ID is LVE-SMP-200029 (February 2021). Se detectó un problema en los dispositivos móviles LG con software de Sistema Operativo Android versiones 8.0, 8.1, 9.0 y 10. En aplicaciones precargadas, el HostnameVerified es manejado inapropiadamente. • https://lgsecurity.lge.com •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26689
https://notcve.org/view.php?id=CVE-2021-26689
04 Feb 2021 — An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The USB laf gadget has a use-after-free. The LG ID is LVE-SMP-200031 (February 2021). Se detectó un problema en los dispositivos móviles LG con software de Sistema Operativo Android versiones 8.0, 8.1, 9.0 y 10. El gadget laf USB presenta un uso de la memoria previamente liberada. • https://lgsecurity.lge.com • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0354
https://notcve.org/view.php?id=CVE-2021-0354
02 Feb 2021 — In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05431161. En ged, se presenta una posible escritura fuera de límites debido a un desbordamiento de enteros. • https://corp.mediatek.com/product-security-acknowledgements • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2021-1069
https://notcve.org/view.php?id=CVE-2021-1069
20 Jan 2021 — NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss. NVIDIA SHIELD TV, todas las versiones anteriores a 8.2.2, contiene una vulnerabilidad en la función NVHost, que puede conllevar a un reinicio anormal debido a una referencia de puntero nulo, causando la pérdida de datos • https://nvidia.custhelp.com/app/answers/detail/a_id/5147 • CWE-476: NULL Pointer Dereference •