Skip to main content
CVE-2021-0308 MEDIUM This Month

In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android +1
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2021-0301 MEDIUM This Month

In ged, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Memory Corruption Google Android
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0342 MEDIUM PATCH This Month

In tun_get_user of tun.c, there is possible memory corruption due to a use after free. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Buffer Overflow Google Privilege Escalation Memory Corruption Use After Free +2
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-0312 MEDIUM This Month

In WAVSource::read of WAVExtractor.cpp, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Integer Overflow Information Disclosure Android
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-0311 MEDIUM This Month

In ElementaryStreamQueue::dequeueAccessUnitH264() of ESQueue.cpp, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Google Information Disclosure Android
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-0321 MEDIUM PATCH This Month

In enforceDumpPermissionForPackage of ActivityManagerService.java, there is a possible way to determine if a package is installed due to side channel information disclosure. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-0309 MEDIUM This Month

In onCreate of grantCredentialsPermissionActivity, there is a confused deputy. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-0304 MEDIUM This Month

In several functions of GlobalScreenshot.java, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-23253 MEDIUM This Month

Opera Mini for Android below 53.1 displays URL left-aligned in the address field. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Opera Mini
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-0322 MEDIUM PATCH This Month

In onCreate of SlicePermissionActivity.java, there is a possible misleading string displayed due to improper input validation. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2021-0320 MEDIUM PATCH This Month

In is_device_locked and set_device_locked of keystore_keymaster_enforcement.h, there is a possible bypass of lockscreen requirements for keyguard bound keys due to a race condition. Rated medium severity (CVSS 4.7).

Google Information Disclosure Race Condition Android
NVD
CVSS 3.1
4.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy