Vulnerabilities > Google > Android > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-15 | CVE-2021-0982 | Missing Authorization vulnerability in Google Android 12.0 In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible organization name disclosure due to a missing permission check. | 2.1 |
2021-12-15 | CVE-2021-0979 | Incorrect Default Permissions vulnerability in Google Android 12.0 In isRequestPinItemSupported of ShortcutService.java, there is a possible cross-user leak of packages in which the default launcher supports requests to create pinned shortcuts due to a permissions bypass. | 2.1 |
2021-12-15 | CVE-2021-0978 | Missing Authorization vulnerability in Google Android 12.0 In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
2021-12-15 | CVE-2021-0973 | Improper Handling of Case Sensitivity vulnerability in Google Android 12.0 In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity. | 1.9 |
2021-12-15 | CVE-2021-0966 | Missing Initialization of Resource vulnerability in Google Android 11.0/12.0 In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted parcelable to reveal uninitialized memory of a target process due to uninitialized data. | 2.1 |
2021-12-15 | CVE-2021-0963 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. | 3.3 |
2021-12-15 | CVE-2021-0961 | Missing Initialization of Resource vulnerability in Google Android In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. | 2.1 |
2021-12-15 | CVE-2021-0958 | Unspecified vulnerability in Google Android 11.0/12.0 In update of km_compat.cpp, there is a possible loss of potentially sensitive data due to a logic error in the code. | 2.1 |
2021-12-15 | CVE-2021-0919 | Integer Overflow or Wraparound vulnerability in Google Android 10.0/11.0/9.0 In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. | 1.9 |
2021-12-08 | CVE-2021-25519 | Missing Authorization vulnerability in Google Android 10.0/11.0/9.0 An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission. | 3.3 |