Total
7259 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1001 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-190435883 | |||||
| CVE-2021-0998 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In 'ih264e_find_bskip_params()' of ih264e_me.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-193442575 | |||||
| CVE-2021-0996 | 1 Google | 1 Android | 2024-11-21 | 2.7 LOW | 4.5 MEDIUM |
| In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over NFC with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-181346545 | |||||
| CVE-2021-0976 | 1 Google | 1 Android | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In toBARK of floor0.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-199680600 | |||||
| CVE-2021-0942 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:sPA.uiAddr = page_to_phys(psOSPageArrayData->pagearray[ui32PageIndex]);With the current PoC this crashes as an OOB read. However, given that the OOB read value is ending up as the address field of a struct I think i seems plausible that this could lead to an OOB write if the attacker is able to cause the OOB read to pull an interesting kernel address. Regardless if this is a read or write, it is a High severity issue in the kernel.Product: AndroidVersions: Android SoCAndroid ID: A-238904312 | |||||
| CVE-2021-0941 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154177719References: Upstream kernel | |||||
| CVE-2021-0939 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| In set_default_passthru_cfg of passthru.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186026549References: N/A | |||||
| CVE-2021-0925 | 1 Google | 1 Android | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure due to a limited change in behavior based on the out of bounds data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-191444150 | |||||
| CVE-2021-0924 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In xhci_vendor_get_ops of xhci.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194461020References: Upstream kernel | |||||
| CVE-2021-0902 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05656484. | |||||
| CVE-2021-0900 | 2 Google, Mediatek | 12 Android, Mt6873, Mt6875 and 9 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672055. | |||||
| CVE-2021-0689 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-190188264 | |||||
| CVE-2021-0676 | 2 Google, Mediatek | 44 Android, Mt6762, Mt6765 and 41 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| In geniezone driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863009; Issue ID: ALPS05863009. | |||||
| CVE-2021-0674 | 2 Google, Mediatek | 57 Android, Mt6570, Mt6580 and 54 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064237. | |||||
| CVE-2021-0666 | 2 Google, Mediatek | 21 Android, Mt6873, Mt6875 and 18 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672086; Issue ID: ALPS05672086. | |||||
| CVE-2021-0665 | 2 Google, Mediatek | 22 Android, Mt6873, Mt6875 and 19 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672113; Issue ID: ALPS05672113. | |||||
| CVE-2021-0660 | 2 Google, Mediatek | 5 Android, Mt6779, Mt6853 and 2 more | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| In ccu, there is a possible out of bounds read due to incorrect error handling. This could lead to information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05827145; Issue ID: ALPS05827145. | |||||
| CVE-2021-0659 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05687559; Issue ID: ALPS05687559. | |||||
| CVE-2021-0650 | 1 Google | 1 Android | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
| In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-190286685 | |||||
| CVE-2021-0632 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05560246; Issue ID: ALPS05551383. | |||||