cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution.
Max CVSS
6.7
Published
2021-12-08
Updated
2022-09-23
EPSS
0.04%
A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise.
Max CVSS
7.2
Published
2021-11-05
Updated
2022-08-01
EPSS
0.04%
A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.
Max CVSS
4.4
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%
A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
Max CVSS
7.2
Published
2021-10-06
Updated
2021-10-13
EPSS
0.09%
A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
Max CVSS
7.2
Published
2021-10-06
Updated
2021-10-13
EPSS
0.08%
A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
Max CVSS
7.2
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%
A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.
Max CVSS
6.7
Published
2021-10-06
Updated
2021-10-13
EPSS
0.04%
NULL pointer dereference vulnerability in NPU driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption.
Max CVSS
5.5
Published
2021-09-09
Updated
2021-09-23
EPSS
0.04%
NULL pointer dereference vulnerability in ION driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption.
Max CVSS
5.5
Published
2021-09-09
Updated
2021-09-23
EPSS
0.04%
A use after free vulnerability in conn_gadget driver prior to SMR AUG-2021 Release 1 allows malicious action by an attacker.
Max CVSS
5.3
Published
2021-08-05
Updated
2021-08-12
EPSS
0.04%
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution.
Max CVSS
7.8
Published
2021-06-11
Updated
2021-06-16
EPSS
0.04%
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write.
Max CVSS
7.8
Published
2021-06-11
Updated
2021-09-21
EPSS
0.04%
An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution.
Max CVSS
6.7
Published
2021-06-11
Updated
2021-06-16
EPSS
0.04%

CVE-2021-25394

Known Exploited Vulnerability
A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.
Max CVSS
6.4
Published
2021-06-11
Updated
2021-06-16
EPSS
0.08%
KEV Added
2023-06-29
An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
Max CVSS
9.8
Published
2021-06-11
Updated
2022-10-25
EPSS
0.12%

CVE-2021-25372

Known Exploited Vulnerability
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.
Max CVSS
7.2
Published
2021-03-26
Updated
2021-04-01
EPSS
0.08%
KEV Added
2023-06-29

CVE-2021-25370

Known Exploited Vulnerability
An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.
Max CVSS
6.1
Published
2021-03-26
Updated
2022-05-03
EPSS
0.20%
KEV Added
2022-11-08
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. The Mali GPU driver allows out-of-bounds access and a device reset. The Samsung ID is SVE-2020-19174 (January 2021).
Max CVSS
7.1
Published
2021-01-05
Updated
2021-01-08
EPSS
0.05%
In MPEG4Source::read of MPEG4Extractor.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-188893559
Max CVSS
6.5
Published
2021-12-15
Updated
2021-12-17
EPSS
0.10%
In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-199065614
Max CVSS
9.3
Published
2021-12-15
Updated
2021-12-17
EPSS
0.12%
In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-193363621
Max CVSS
7.1
Published
2021-12-15
Updated
2021-12-17
EPSS
0.11%
In NfcTag::discoverTechnologies (activation) of NfcTag.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additionalSystem execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-189942532
Max CVSS
10.0
Published
2021-12-15
Updated
2021-12-20
EPSS
0.12%
In pf_write_buf of FuseDaemon.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-192085766
Max CVSS
7.0
Published
2021-12-15
Updated
2021-12-20
EPSS
0.04%
In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-181660091
Max CVSS
8.8
Published
2021-12-15
Updated
2021-12-17
EPSS
0.05%
In apusys, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05664618.
Max CVSS
6.7
Published
2021-12-17
Updated
2021-12-22
EPSS
0.04%
140 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!