Vulnerabilities > Google > Android > Low

DATE CVE VULNERABILITY TITLE RISK
2021-10-06 CVE-2021-25472 Unspecified vulnerability in Google Android
An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information.
local
low complexity
google
3.3
2021-09-09 CVE-2021-25457 Improper Input Validation vulnerability in Google Android 10.0/11.0
An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information.
local
low complexity
google CWE-20
3.3
2021-09-09 CVE-2021-25455 Out-of-bounds Read vulnerability in Google Android
OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to access arbitrary address through pointer via forged avi file.
local
low complexity
google CWE-125
3.3
2021-09-09 CVE-2021-25451 Improper Authentication vulnerability in Google Android 10.0/11.0/9.0
A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data.
local
low complexity
google CWE-287
3.3
2021-08-12 CVE-2021-38591 Unspecified vulnerability in Google Android 10.0/9.0
An issue was discovered on LG mobile devices with Android OS P and Q software for mt6762/mt6765/mt6883.
local
low complexity
google
3.3
2021-06-11 CVE-2021-25409 Missing Authorization vulnerability in Google Android 10.0
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.
low complexity
google CWE-862
2.4
2021-04-09 CVE-2021-25358 Incorrect Default Permissions vulnerability in Google Android 10.0/9.0
A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows local attackers to access IMSI values without any permission via untrusted applications.
local
low complexity
google CWE-276
3.3
2021-04-09 CVE-2021-25359 Incorrect Default Permissions vulnerability in Google Android 10.0/11.0
An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications.
local
low complexity
google CWE-276
3.3
2021-04-09 CVE-2021-25364 Exposure of Resource to Wrong Sphere vulnerability in Google Android 11.0
A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows unprivileged applications to access contact information.
local
low complexity
google CWE-668
3.3
2021-03-04 CVE-2021-25340 Unspecified vulnerability in Google Android 10.0
Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State.
low complexity
google
2.4