Vulnerabilities > Google > Android > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-25 | CVE-2021-0941 | Use After Free vulnerability in Google Android In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. | 6.7 |
| 2021-10-22 | CVE-2021-0643 | Missing Authorization vulnerability in Google Android 10.0/11.0/12.0 In getAllSubInfoList of SubscriptionController.java, there is a possible way to retrieve a long term identifier without the correct permissions due to a missing permission check. | 5.5 |
| 2021-10-22 | CVE-2021-0651 | Improper Input Validation vulnerability in Google Android 10.0/11.0/9.0 In loadLabel of PackageItemInfo.java, there is a possible way to DoS a device by having a long label in an app due to incorrect input validation. | 5.5 |
| 2021-10-22 | CVE-2021-0702 | Unspecified vulnerability in Google Android 11.0 In RevertActiveSessions of apexd.cpp, there is a possible way to share the wrong file due to an unintentional MediaStore downgrade. | 5.5 |
| 2021-10-22 | CVE-2021-0703 | Use After Free vulnerability in Google Android 11.0 In SecondStageMain of init.cpp, there is a possible use after free due to incorrect shared_ptr usage. | 6.8 |
| 2021-10-22 | CVE-2021-0706 | Missing Authorization vulnerability in Google Android 10.0/11.0 In startListening of PluginManagerImpl.java, there is a possible way to disable arbitrary app components due to a missing permission check. | 5.5 |
| 2021-10-06 | CVE-2021-25467 | Classic Buffer Overflow vulnerability in Google Android 11.0 Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library. | 6.7 |
| 2021-10-06 | CVE-2021-25468 | Unspecified vulnerability in Google Android 10.0/11.0 A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address. | 4.4 |
| 2021-10-06 | CVE-2021-25469 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0 A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution. | 6.7 |
| 2021-10-06 | CVE-2021-25473 | Improper Handling of Exceptional Conditions vulnerability in Google Android 11.0 Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_hide_by_meadia_full value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset. | 4.4 |