Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-06 CVE-2021-25471 Unspecified vulnerability in Google Android 10.0/8.1/9.0
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion.
network
low complexity
google
7.5
2021-10-06 CVE-2021-25478 Out-of-bounds Write vulnerability in Google Android
A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
network
low complexity
google CWE-787
7.2
2021-10-06 CVE-2021-25479 Out-of-bounds Write vulnerability in Google Android
A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.
network
low complexity
google CWE-787
7.2
2021-10-06 CVE-2021-25480 Authentication Bypass by Capture-replay vulnerability in Google Android
A lack of replay attack protection in GUTI REALLOCATION COMMAND message process in Qualcomm modem prior to SMR Oct-2021 Release 1 can lead to remote denial of service on mobile network connection.
network
low complexity
google CWE-294
7.5
2021-10-06 CVE-2021-25485 Path Traversal vulnerability in Google Android 10.0/11.0
Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write a file as system UID via BT remote socket.
low complexity
google CWE-22
8.0
2021-10-06 CVE-2021-25487 Out-of-bounds Read vulnerability in Google Android
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows an OOB read that results in arbitrary code execution through dereference of an invalid function pointer.
local
low complexity
google CWE-125
7.8
2021-10-06 CVE-2021-0595 Improper Authentication vulnerability in Google Android
In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in.
local
low complexity
google CWE-287
7.8
2021-10-06 CVE-2021-0598 Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android
In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack.
local
low complexity
google CWE-1021
7.3
2021-10-06 CVE-2021-0635 Unspecified vulnerability in Google Android 10.0
When extracting an incorrectly formatted FLV file, memory is corrupted; the playback interface shows that the video cannot be played, and the log shows a crash.
local
low complexity
google
7.8
2021-10-06 CVE-2021-0636 Unspecified vulnerability in Google Android 10.0
When extracting an incorrectly formatted AVI file, memory is corrupted; the playback interface shows that the video cannot be played, and the log shows a crash.
local
low complexity
google
7.8