Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-11 | CVE-2021-25391 | Unspecified vulnerability in Google Android 11.0 Intent redirection vulnerability in Secure Folder prior to SMR MAY-2021 Release 1 allows attackers to execute privileged action. | 4.0 |
| 2021-06-11 | CVE-2021-25392 | Inadequate Encryption Strength vulnerability in Google Android 10.0/11.0/9.0 Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1 allows local attackers to get sensitive information via changing the path. | 5.5 |
| 2021-06-11 | CVE-2021-25393 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0 Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data. | 5.5 |
| 2021-06-11 | CVE-2021-25396 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0 An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. | 6.7 |
| 2021-06-11 | CVE-2021-25397 | Unspecified vulnerability in Google Android 10.0/11.0/9.0 An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process via untrusted applications. | 5.5 |
| 2021-06-11 | CVE-2021-25411 | Improper Input Validation vulnerability in Google Android 10.0/11.0 Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory. | 4.4 |
| 2021-06-11 | CVE-2021-25413 | Unspecified vulnerability in Google Android 10.0/11.0/9.0 Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to access arbitrary data with Samsung Contacts privilege. | 5.5 |
| 2021-06-11 | CVE-2021-25415 | Improper Input Validation vulnerability in Google Android 10.0/11.0 Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable. | 5.5 |
| 2021-06-11 | CVE-2021-25416 | Improper Input Validation vulnerability in Google Android 10.0/11.0 Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area. | 6.5 |
| 2021-06-07 | CVE-2021-30531 | Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 6.5 |