Kategori: NIST-Güvenlik Açıkları

CVE-2021-0434

In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the…

Devamını oku

CVE-2021-0649

In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass. This could lead to local escalation of privilege CONTROL_ALWAYS_ON_VPN…

Devamını oku

CVE-2021-0650

In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure…

Devamını oku

CVE-2021-0653

In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local…

Devamını oku

CVE-2021-0704

In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass.…

Devamını oku

CVE-2021-0769

In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could lead to local escalation of privilege…

Devamını oku

CVE-2021-0799

In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation of privilege with no additional execution…

Devamını oku