cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.
Max CVSS
5.7
EPSS Score
0.04%
Published
2021-11-05
Updated
2022-07-14
A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process.
Max CVSS
6.0
EPSS Score
0.04%
Published
2021-10-06
Updated
2022-08-01
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.
Max CVSS
4.0
EPSS Score
0.04%
Published
2021-10-06
Updated
2021-10-13
An improper access control vulnerability in sspExit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to terminate BlockchainTZService.
Max CVSS
5.5
EPSS Score
0.04%
Published
2021-09-09
Updated
2022-09-23
An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService.
Max CVSS
5.5
EPSS Score
0.04%
Published
2021-09-09
Updated
2022-09-23
A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data.
Max CVSS
4.3
EPSS Score
0.05%
Published
2021-09-09
Updated
2021-09-23
Improper access control vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application.
Max CVSS
4.3
EPSS Score
0.05%
Published
2021-07-08
Updated
2021-07-14
Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage.
Max CVSS
7.5
EPSS Score
0.08%
Published
2021-06-11
Updated
2022-07-14
An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-06-11
Updated
2022-07-14
An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contents in Secure Folder via debugging command.
Max CVSS
6.1
EPSS Score
0.04%
Published
2021-04-23
Updated
2022-10-25
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.
Max CVSS
4.0
EPSS Score
0.04%
Published
2021-04-09
Updated
2021-04-19
Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed.
Max CVSS
5.3
EPSS Score
0.04%
Published
2021-03-04
Updated
2021-03-12
Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State.
Max CVSS
5.1
EPSS Score
0.05%
Published
2021-03-04
Updated
2022-09-23
In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-177457096
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-10-06
Updated
2022-07-12
14 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!