Total
13654 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25683 | 1 Canonical | 1 Apport | 2024-11-21 | 8.8 High |
| It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel. | ||||
| CVE-2021-25682 | 1 Canonical | 1 Apport | 2024-11-21 | 8.8 High |
| It was discovered that the get_pid_info() function in data/apport did not properly parse the /proc/pid/status file from the kernel. | ||||
| CVE-2021-25520 | 1 Samsung | 1 Internet | 2024-11-21 | 5.9 Medium |
| Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet. | ||||
| CVE-2021-25517 | 1 Google | 1 Android | 2024-11-21 | 7.7 High |
| An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution. | ||||
| CVE-2021-25512 | 1 Google | 1 Android | 2024-11-21 | 6.1 Medium |
| An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2021-25511 | 1 Google | 1 Android | 2024-11-21 | 6.3 Medium |
| An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability. | ||||
| CVE-2021-25510 | 1 Google | 1 Android | 2024-11-21 | 5.3 Medium |
| An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution. | ||||
| CVE-2021-25509 | 1 Samsung | 1 Samsung Flow | 2024-11-21 | 5.9 Medium |
| A missing input validation in Samsung Flow Windows application prior to Version 4.8.5.0 allows attackers to overwrite abtraty file in the Windows known folders. | ||||
| CVE-2021-25504 | 1 Samsung | 1 Group Sharing | 2024-11-21 | 4 Medium |
| Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information. | ||||
| CVE-2021-25503 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 5 Medium |
| Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution. | ||||
| CVE-2021-25500 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 7.2 High |
| A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise. | ||||
| CVE-2021-25485 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Oct-2021 Release 1 allows attackers to write file as system UID via BT remote socket. | ||||
| CVE-2021-25471 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 3.7 Low |
| A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion. | ||||
| CVE-2021-25468 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 4.4 Medium |
| A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address. | ||||
| CVE-2021-25465 | 1 Samsung | 1 Themes | 2024-11-21 | 3.3 Low |
| An improper scheme check vulnerability in Samsung Themes prior to version 5.2.01 allows attackers to perform Man-in-the-middle attack. | ||||
| CVE-2021-25457 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 5.9 Medium |
| An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information. | ||||
| CVE-2021-25453 | 1 Google | 1 Android | 2024-11-21 | 5.1 Medium |
| Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information. | ||||
| CVE-2021-25452 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 5.5 Medium |
| An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device. | ||||
| CVE-2021-25450 | 1 Google | 1 Android | 2024-11-21 | 4.5 Medium |
| Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket. | ||||
| CVE-2021-25444 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process. | ||||