Vulnerabilities > Google > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-15 | CVE-2021-0990 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
2021-12-15 | CVE-2021-0989 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
2021-12-15 | CVE-2021-0988 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
2021-12-15 | CVE-2021-0987 | Information Exposure Through Discrepancy vulnerability in Google Android 12.0 In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
2021-12-15 | CVE-2021-0983 | Information Exposure vulnerability in Google Android 12.1 In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure. | 3.3 |
2021-12-15 | CVE-2021-0982 | Missing Authorization vulnerability in Google Android 12.0 In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible organization name disclosure due to a missing permission check. | 3.3 |
2021-12-15 | CVE-2021-0978 | Missing Authorization vulnerability in Google Android 12.0 In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
2021-12-08 | CVE-2021-25519 | Missing Authorization vulnerability in Google Android 10.0/11.0/9.0 An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission. | 3.3 |
2021-12-08 | CVE-2021-25515 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/9.0 An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID. | 3.3 |
2021-12-08 | CVE-2021-25513 | Improper Privilege Management vulnerability in Google Android 11.0 An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen. | 2.4 |