cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.
Max CVSS
5.7
Published
2021-11-05
Updated
2022-07-14
EPSS
0.04%
A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process.
Max CVSS
6.0
Published
2021-10-06
Updated
2022-08-01
EPSS
0.04%
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.
Max CVSS
4.0
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%
Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library.
Max CVSS
7.2
Published
2021-10-06
Updated
2021-10-14
EPSS
0.04%
An improper access control vulnerability in sspExit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to terminate BlockchainTZService.
Max CVSS
5.5
Published
2021-09-09
Updated
2022-09-23
EPSS
0.04%
An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService.
Max CVSS
5.5
Published
2021-09-09
Updated
2022-09-23
EPSS
0.04%
A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data.
Max CVSS
4.3
Published
2021-09-09
Updated
2021-09-23
EPSS
0.05%
Improper access control vulnerability in Bluetooth application prior to SMR July-2021 Release 1 allows untrusted application to access the Bluetooth information in Bluetooth application.
Max CVSS
4.3
Published
2021-07-08
Updated
2021-07-14
EPSS
0.05%
An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contents in Secure Folder via debugging command.
Max CVSS
6.1
Published
2021-04-23
Updated
2022-10-25
EPSS
0.04%
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.
Max CVSS
4.0
Published
2021-04-09
Updated
2021-04-19
EPSS
0.04%
Hijacking vulnerability in Samsung Email application version prior to SMR Feb-2021 Release 1 allows attackers to intercept when the provider is executed.
Max CVSS
5.3
Published
2021-03-04
Updated
2021-03-12
EPSS
0.04%
In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-177457096
Max CVSS
7.8
Published
2021-10-06
Updated
2022-07-12
EPSS
0.04%
12 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!