Vulnerabilities > Google > Android > Low

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2021-0987 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
3.3
2021-12-15 CVE-2021-0983 Information Exposure vulnerability in Google Android 12.1
In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure.
local
low complexity
google CWE-200
3.3
2021-12-15 CVE-2021-0982 Missing Authorization vulnerability in Google Android 12.0
In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible organization name disclosure due to a missing permission check.
local
low complexity
google CWE-862
3.3
2021-12-15 CVE-2021-0978 Missing Authorization vulnerability in Google Android 12.0
In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-862
3.3
2021-12-08 CVE-2021-25519 Missing Authorization vulnerability in Google Android 10.0/11.0/9.0
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.
local
low complexity
google CWE-862
3.3
2021-12-08 CVE-2021-25515 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/9.0
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.
local
low complexity
google CWE-668
3.3
2021-12-08 CVE-2021-25513 Improper Privilege Management vulnerability in Google Android 11.0
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.
low complexity
google CWE-269
2.4
2021-11-05 CVE-2021-25501 Unspecified vulnerability in Google Android 10.0/11.0
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers.
local
low complexity
google
3.3
2021-10-06 CVE-2021-25486 Unspecified vulnerability in Google Android
Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log.
local
low complexity
google
3.3
2021-10-06 CVE-2021-25484 Improper Authentication vulnerability in Google Android 10.0/11.0/8.1
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.
local
low complexity
google CWE-287
3.3