Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Android
(Google)| Repositories | https://github.com/torvalds/linux |
| #Vulnerabilities | 7304 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-08-18 | CVE-2021-0627 | In OMA DRM, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05722434; Issue ID: ALPS05722434. | Android | 6.7 | ||
| 2021-08-18 | CVE-2021-0628 | In OMA DRM, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05722454; Issue ID: ALPS05722454. | Android | 6.7 | ||
| 2021-09-09 | CVE-2021-25449 | An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process. | Android | 9.8 | ||
| 2021-09-09 | CVE-2021-25450 | Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket. | Android | 6.5 | ||
| 2021-09-09 | CVE-2021-25451 | A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data. | Android | 3.3 | ||
| 2021-09-09 | CVE-2021-25452 | An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device. | Android | 5.5 | ||
| 2021-09-09 | CVE-2021-25453 | Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information. | Android | 5.5 | ||
| 2021-09-09 | CVE-2021-25454 | OOB read vulnerability in libsaacextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute remote DoS via forged aac file. | Android | 5.5 | ||
| 2021-09-09 | CVE-2021-25455 | OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to access arbitrary address through pointer via forged avi file. | Android | 3.3 | ||
| 2021-09-09 | CVE-2021-25456 | OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file. | Android | 5.5 |