Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 9.0  Security Vulnerabilities
CVE-2021-0904
In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-12-15
CVE-2021-0919
In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-197336441
CVSS Score
5.0
EPSS Score
0.0
Published
2021-12-15
CVE-2021-25515
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-12-08
CVE-2021-25516
An improper check or handling of exceptional conditions in Exynos baseband prior to SMR Dec-2021 Release 1 allows attackers to track locations.
CVSS Score
6.4
EPSS Score
0.001
Published
2021-12-08
CVE-2021-25518
An improper boundary check in secure_log of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution.
CVSS Score
6.4
EPSS Score
0.0
Published
2021-12-08
CVE-2021-25519
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-12-08
CVE-2021-25510
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-12-08
CVE-2021-25511
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.
CVSS Score
6.3
EPSS Score
0.0
Published
2021-12-08
CVE-2021-25512
An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.
CVSS Score
6.1
EPSS Score
0.0
Published
2021-12-08
CVE-2021-0672
In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-199678035
CVSS Score
5.5
EPSS Score
0.0
Published
2021-11-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved