Skip to main content
CVE-2021-1034 LOW PATCH Monitor

In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine whether an app is installed, without querypermissions due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Authentication Bypass Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-1032 LOW PATCH Monitor

In getMimeGroup of PackageManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-1031 LOW PATCH Monitor

In cancelNotificationsFromListener of NotificationManagerService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-1018 LOW Monitor

In adjustStreamVolume of AudioService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-1015 LOW Monitor

In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0995 LOW PATCH Monitor

In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0994 LOW PATCH Monitor

In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0992 LOW PATCH Monitor

In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app without user consent due to tapjack overlay. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity.

Google Privilege Escalation XSS Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0990 LOW PATCH Monitor

In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0989 LOW PATCH Monitor

In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0988 LOW PATCH Monitor

In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0987 LOW PATCH Monitor

In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0983 LOW Monitor

In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0982 LOW PATCH Monitor

In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible organization name disclosure due to a missing permission check. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0978 LOW PATCH Monitor

In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Information Disclosure Authentication Bypass Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-0991 LOW PATCH Monitor

In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity.

Google Information Disclosure Android
NVD
CVSS 3.1
2.4
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy