cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
An issue was discovered on LG mobile devices with Android OS 4.4 through 11 software. Attackers can leverage ISMS services to bypass access control on specific content providers. The LG ID is LVE-SMP-210003 (April 2021).
Max CVSS
7.1
Published
2021-04-06
Updated
2021-04-13
EPSS
0.04%
An issue was discovered on LG mobile devices with Android OS 11 software. Attackers can bypass the lockscreen protection mechanism after an incoming call has been terminated. The LG ID is LVE-SMP-210002 (April 2021).
Max CVSS
5.5
Published
2021-04-06
Updated
2021-04-12
EPSS
0.04%
An issue was discovered on LG mobile devices with Android OS 11 software. They mishandle fingerprint recognition because local high beam mode (LHBM) does not function properly during bright illumination. The LG ID is LVE-SMP-210001 (March 2021).
Max CVSS
6.8
Published
2021-03-02
Updated
2021-03-08
EPSS
0.05%
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.
Max CVSS
4.0
Published
2021-12-08
Updated
2023-06-26
EPSS
0.04%
An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution.
Max CVSS
6.7
Published
2021-12-08
Updated
2022-09-23
EPSS
0.04%
An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution.
Max CVSS
7.8
Published
2021-12-08
Updated
2021-12-10
EPSS
0.04%
An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations.
Max CVSS
7.5
Published
2021-12-08
Updated
2021-12-13
EPSS
0.08%
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.
Max CVSS
4.0
Published
2021-12-08
Updated
2022-08-01
EPSS
0.04%
An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information.
Max CVSS
6.5
Published
2021-12-08
Updated
2021-12-10
EPSS
0.08%
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.
Max CVSS
2.4
Published
2021-12-08
Updated
2021-12-10
EPSS
0.05%
An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.
Max CVSS
7.8
Published
2021-12-08
Updated
2021-12-10
EPSS
0.04%
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.
Max CVSS
7.8
Published
2021-12-08
Updated
2021-12-10
EPSS
0.04%
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.
Max CVSS
7.8
Published
2021-12-08
Updated
2021-12-10
EPSS
0.04%
Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution.
Max CVSS
6.7
Published
2021-11-05
Updated
2021-11-08
EPSS
0.04%
A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge.
Max CVSS
7.9
Published
2021-11-05
Updated
2021-11-08
EPSS
0.04%
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.
Max CVSS
5.7
Published
2021-11-05
Updated
2022-07-14
EPSS
0.04%
A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise.
Max CVSS
7.2
Published
2021-11-05
Updated
2022-08-01
EPSS
0.04%
A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.
Max CVSS
4.4
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%
A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process.
Max CVSS
6.0
Published
2021-10-06
Updated
2022-08-01
EPSS
0.04%

CVE-2021-25489

Known Exploited Vulnerability
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic.
Max CVSS
5.5
Published
2021-10-06
Updated
2022-09-23
EPSS
0.14%
KEV Added
2023-06-29
Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read.
Max CVSS
5.5
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%

CVE-2021-25487

Known Exploited Vulnerability
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.
Max CVSS
7.8
Published
2021-10-06
Updated
2021-10-13
EPSS
0.07%
KEV Added
2023-06-29
Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log.
Max CVSS
3.3
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket.
Max CVSS
8.0
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.
Max CVSS
4.0
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%
449 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!