Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google android 10.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-39631
In clear_data_dlg_text of strings.xml, there is a possible situation when "Clear storage" functionality sets up the wrong security/privacy expectations due to a misleading message. This could lead to local information disclosure with no additional execution privileges n...
Google Android 10.0
Google Android 11.0
Google Android 12.0
5.5
CVSSv3
CVE-2021-39659
In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, there is a possible prevention of access to emergency calling due to an unhandled exception. In rare instances, this could lead to local denial of service with User execution privileges needed. User interactio...
Google Android 10.0
Google Android 11.0
Google Android 12.0
7.3
CVSSv3
CVE-2021-39691
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersion...
Google Android 10.0
Google Android 11.0
Google Android 12.0
7.8
CVSSv3
CVE-2021-39692
In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile bypassing user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation....
Google Android 10.0
Google Android 11.0
Google Android 12.0
7.8
CVSSv3
CVE-2021-39696
In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android...
Google Android 10.0
Google Android 11.0
Google Android 12.0
7.8
CVSSv3
CVE-2021-39706
In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials storage due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
Google Android 10.0
Google Android 11.0
Google Android 12.0
7.8
CVSSv3
CVE-2021-39707
In onReceive of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitati...
Google Android 10.0
Google Android 11.0
Google Android 12.0
7.8
CVSSv3
CVE-2021-39808
In createNotificationChannelGroup of PreferencesHelper.java, there is a possible way for a service to run in foreground without user notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. Use...
Google Android 10.0
Google Android 11.0
Google Android 12.0
5.5
CVSSv3
CVE-2022-21763
In telecom service, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07044717; Issue ID: ALP...
Google Android 10.0
Google Android 11.0
Google Android 12.0
7.1
CVSSv3
CVE-2022-22264
Improper sanitization of incoming intent in Dressroom prior to SMR Jan-2022 Release 1 allows local malicious users to read and write arbitrary files without permission.
Google Android 10.0
Google Android 11.0
Google Android 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »