Show filters
782 Total Results
Displaying 81-90 of 782
Sort by:
Attacker Value
Unknown

CVE-2021-25346

Disclosure Date: March 04, 2021 (last updated February 22, 2025)
A possible arbitrary memory overwrite vulnerabilities in quram library version prior to SMR Jan-2021 Release 1 allow arbitrary code execution.
Attacker Value
Unknown

CVE-2021-26689

Disclosure Date: February 04, 2021 (last updated February 22, 2025)
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. The USB laf gadget has a use-after-free. The LG ID is LVE-SMP-200031 (February 2021).
Attacker Value
Unknown

CVE-2021-26687

Disclosure Date: February 04, 2021 (last updated November 28, 2024)
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. In preloaded applications, the HostnameVerified default is mishandled. The LG ID is LVE-SMP-200029 (February 2021).
Attacker Value
Unknown

CVE-2021-0316

Disclosure Date: January 11, 2021 (last updated February 22, 2025)
In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-8.0, Android-8.1, Android-9, Android-10; Android ID: A-168802990.
Attacker Value
Unknown

CVE-2021-0315

Disclosure Date: January 11, 2021 (last updated February 22, 2025)
In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the user to grant an app access to an account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-169763814.
Attacker Value
Unknown

CVE-2021-0311

Disclosure Date: January 11, 2021 (last updated February 22, 2025)
In ElementaryStreamQueue::dequeueAccessUnitH264() of ESQueue.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170240631.
Attacker Value
Unknown

CVE-2021-0317

Disclosure Date: January 11, 2021 (last updated February 22, 2025)
In createOrUpdate of Permission.java and related code, there is possible permission escalation due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10, Android-11, Android-8.0, Android-8.1, Android-9; Android ID: A-168319670.
Attacker Value
Unknown

CVE-2021-0308

Disclosure Date: January 11, 2021 (last updated February 22, 2025)
In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095.
Attacker Value
Unknown

CVE-2021-0306

Disclosure Date: January 11, 2021 (last updated February 22, 2025)
In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITY_RECOGNITION permission without user confirmation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-8.0, Android-8.1, Android-9, Android-10; Android ID: A-154505240.
Attacker Value
Unknown

CVE-2021-0304

Disclosure Date: January 11, 2021 (last updated February 22, 2025)
In several functions of GlobalScreenshot.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of the user's contacts with User execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-8.0, Android-8.1, Android-9; Android ID: A-162738636.