Search

Search Results (367109 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-25519 1 Google 1 Android 2024-11-21 4 Medium
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.
CVE-2021-25518 1 Google 1 Android 2024-11-21 6.4 Medium
An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution.
CVE-2021-25517 1 Google 1 Android 2024-11-21 7.7 High
An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution.
CVE-2021-25516 1 Google 1 Android 2024-11-21 6.4 Medium
An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations.
CVE-2021-25515 1 Google 1 Android 2024-11-21 4 Medium
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.
CVE-2021-25514 1 Google 1 Android 2024-11-21 3.3 Low
An improper intent redirection handling in Tags prior to SMR Dec-2021 Release 1 allows attackers to access sensitive information.
CVE-2021-25513 1 Google 1 Android 2024-11-21 2.4 Low
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.
CVE-2021-25512 1 Google 1 Android 2024-11-21 6.1 Medium
An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.
CVE-2021-25511 1 Google 1 Android 2024-11-21 6.3 Medium
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.
CVE-2021-25510 1 Google 1 Android 2024-11-21 5.3 Medium
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.
CVE-2021-25509 1 Samsung 1 Samsung Flow 2024-11-21 5.9 Medium
A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders.
CVE-2021-25508 1 Samsung 1 Smartthings 2024-11-21 5.3 Medium
Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.
CVE-2021-25507 1 Samsung 1 Samsung Flow 2024-11-21 5.7 Medium
Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows Samsung Flow PC application connected with user device to access part of notification data in Secure Folder without authorization.
CVE-2021-25506 1 Samsung 1 Health 2024-11-21 4 Medium
Non-existent provider in Samsung Health prior to 6.19.1.0001 allows attacker to access it via malicious content provider or lead to denial of service.
CVE-2021-25505 1 Samsung 1 Samsung Pass 2024-11-21 3.3 Low
Improper authentication in Samsung Pass prior to 3.0.02.4 allows to use app without authentication when lockscreen is unlocked.
CVE-2021-25504 1 Samsung 1 Group Sharing 2024-11-21 4 Medium
Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information.
CVE-2021-25503 2 Google, Samsung 2 Android, Exynos 2024-11-21 5 Medium
Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution.
CVE-2021-25502 1 Google 1 Android 2024-11-21 7.9 High
A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge.
CVE-2021-25501 1 Google 1 Android 2024-11-21 5.7 Medium
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.
CVE-2021-25500 2 Google, Samsung 5 Android, Exynos 2100, Exynos 980 and 2 more 2024-11-21 7.2 High
A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise.