Vulnerabilities > Google > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-28 | CVE-2021-31815 | Cleartext Transmission of Sensitive Information vulnerability in Google Google/Apple Exposure Notifications 20210427 GAEN (aka Google/Apple Exposure Notifications) through 2021-04-27 on Android allows attackers to obtain sensitive information, such as a user's location history, in-person social graph, and (sometimes) COVID-19 infection status, because Rolling Proximity Identifiers and MAC addresses are written to the Android system log, and many Android devices have applications (preinstalled by the hardware manufacturer or network operator) that read system log data and send it to third parties. | 3.3 |
2021-04-09 | CVE-2021-25358 | Incorrect Default Permissions vulnerability in Google Android 10.0/9.0 A vulnerability that stores IMSI values in an improper path prior to SMR APR-2021 Release 1 allows local attackers to access IMSI values without any permission via untrusted applications. | 3.3 |
2021-04-09 | CVE-2021-25359 | Incorrect Default Permissions vulnerability in Google Android 10.0/11.0 An improper SELinux policy prior to SMR APR-2021 Release 1 allows local attackers to access AP information without proper permissions via untrusted applications. | 3.3 |
2021-04-09 | CVE-2021-25364 | Exposure of Resource to Wrong Sphere vulnerability in Google Android 11.0 A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows unprivileged applications to access contact information. | 3.3 |
2021-03-04 | CVE-2021-25340 | Unspecified vulnerability in Google Android 10.0 Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State. low complexity google | 2.4 |
2021-03-04 | CVE-2021-25335 | Improper lockscreen status check in cocktailbar service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows unauthenticated users to access hidden notification contents over the lockscreen in specific condition. | 2.5 |
2021-03-04 | CVE-2021-25336 | Unspecified vulnerability in Google Android 10.0/9.0 Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent. | 3.3 |
2020-12-15 | CVE-2020-27056 | Missing Authorization vulnerability in Google Android 11.0 In SELinux policies of mls, there is a missing permission check. | 3.3 |
2020-12-15 | CVE-2020-27057 | Missing Authorization vulnerability in Google Android 11.0 In getGpuStatsGlobalInfo and getGpuStatsAppInfo of GpuService.cpp, there is a possible permission bypass due to a missing permission check. | 3.3 |
2020-12-15 | CVE-2020-0368 | Improper Input Validation vulnerability in Google Android 11.0 In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. | 3.3 |