Product:

Android

(Google)
Repositories https://github.com/torvalds/linux
#Vulnerabilities 3587
Date Id Summary Products Score Patch Annotated
2021-04-09 CVE-2021-25356 An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application. Android 8.8
2020-03-10 CVE-2020-0055 In l2c_link_process_num_completed_pkts of l2c_link.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141617601 Android 5.5
2011-05-16 CVE-2011-0419 Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. Http_server, Portable_runtime, Mac_os_x, Freebsd, Android, Netbsd, Openbsd, Solaris N/A
2021-01-11 CVE-2021-0308 In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158063095. Debian_linux, Android 7.8
2020-09-17 CVE-2020-0293 In Java network APIs, there is possible access to sensitive network state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation in Android versions: Android-11, Android ID: A-141455849 Android 5.5
2020-11-10 CVE-2020-0454 In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure of the current SSID with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-161370134 Android 5.5
2021-04-13 CVE-2021-0430 In rw_mfc_handle_read_op of rw_mfc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution via a malicious NFC packet with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-178725766 Android 9.8
2021-04-23 CVE-2021-25382 An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contents in Secure Folder via debugging command. Android 5.5
2021-04-09 CVE-2021-25363 An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files. Android 6.1
2021-04-09 CVE-2021-25361 An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications. Android 8.8