CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0347
https://notcve.org/view.php?id=CVE-2021-0347
In ccu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05377188. En ccu, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-acknowledgements • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26687
https://notcve.org/view.php?id=CVE-2021-26687
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In preloaded applications, the HostnameVerified default is mishandled. The LG ID is LVE-SMP-200029 (February 2021). Se detectó un problema en los dispositivos móviles LG con software de Sistema Operativo Android versiones 8.0, 8.1, 9.0 y 10. En aplicaciones precargadas, el HostnameVerified es manejado inapropiadamente. • https://lgsecurity.lge.com •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-26689
https://notcve.org/view.php?id=CVE-2021-26689
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The USB laf gadget has a use-after-free. The LG ID is LVE-SMP-200031 (February 2021). Se detectó un problema en los dispositivos móviles LG con software de Sistema Operativo Android versiones 8.0, 8.1, 9.0 y 10. El gadget laf USB presenta un uso de la memoria previamente liberada. • https://lgsecurity.lge.com • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2021-0354
https://notcve.org/view.php?id=CVE-2021-0354
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05431161. En ged, se presenta una posible escritura fuera de límites debido a un desbordamiento de enteros. • https://corp.mediatek.com/product-security-acknowledgements • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-0313
https://notcve.org/view.php?id=CVE-2021-0313
In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170968514. En la función isWordBreakAfter del archivo LayoutUtils.cpp, existe una posible manera de ralentizar o bloquear un TextView debido a una comprobación inapropiada de la entrada. • https://source.android.com/security/bulletin/2021-01-01 • CWE-20: Improper Input Validation •