Total
12770 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25453 | 1 Google | 1 Android | 2024-11-21 | 5.1 Medium |
| Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information. | ||||
| CVE-2021-25452 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 5.5 Medium |
| An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device. | ||||
| CVE-2021-25450 | 1 Google | 1 Android | 2024-11-21 | 4.5 Medium |
| Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket. | ||||
| CVE-2021-25444 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process. | ||||
| CVE-2021-25441 | 2 Google, Samsung | 2 Android, Ar Emoji Editor | 2024-11-21 | 7.8 High |
| Improper input validation vulnerability in AR Emoji Editor prior to version 4.4.03.5 in Android Q(10.0) and above allows untrusted applications to access arbitrary files with an escalated privilege. | ||||
| CVE-2021-25437 | 1 Linux | 1 Tizen | 2024-11-21 | 9.8 Critical |
| Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to arbitrary code execution by replacing FOTA update file. | ||||
| CVE-2021-25436 | 1 Linux | 1 Tizen | 2024-11-21 | 9.8 Critical |
| Improper input validation vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows arbitrary code execution via Samsung Accessory Protocol. | ||||
| CVE-2021-25435 | 1 Linux | 1 Tizen | 2024-11-21 | 9.8 Critical |
| Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using recovery partition in wireless firmware download mode. | ||||
| CVE-2021-25434 | 1 Linux | 1 Tizen | 2024-11-21 | 9.8 Critical |
| Improper input validation vulnerability in Tizen bootloader prior to Firmware update JUL-2021 Release allows arbitrary code execution using param partition in wireless firmware download mode. | ||||
| CVE-2021-25428 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances. | ||||
| CVE-2021-25416 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2024-11-21 | 6.5 Medium |
| Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area. | ||||
| CVE-2021-25415 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2024-11-21 | 5.5 Medium |
| Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable. | ||||
| CVE-2021-25414 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to copy or overwrite arbitrary files with Samsung Contacts privilege. | ||||
| CVE-2021-25413 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to access arbitrary data with Samsung Contacts privilege. | ||||
| CVE-2021-25411 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2024-11-21 | 4.4 Medium |
| Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory. | ||||
| CVE-2021-25410 | 1 Google | 1 Android | 2024-11-21 | 7.1 High |
| Improper access control of a component in CallBGProvider prior to SMR JUN-2021 Release 1 allows local attackers to access arbitrary files with an escalated privilege. | ||||
| CVE-2021-25401 | 1 Samsung | 1 Health | 2024-11-21 | 7.8 High |
| Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action. | ||||
| CVE-2021-25378 | 1 Samsung | 1 Smartthings | 2024-11-21 | 4.3 Medium |
| Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service. | ||||
| CVE-2021-25356 | 1 Google | 1 Android | 2024-11-21 | 7.1 High |
| An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application. | ||||
| CVE-2021-25339 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2024-11-21 | 4.4 Medium |
| Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory. | ||||