Google: >> Android >> 9.0 Security Vulnerabilities
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.
CVSS Score
4.0
EPSS Score
0.0
Published
2021-12-08
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows local arbitrary code execution.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-12-08
An improper validation vulnerability in FilterProvider prior to SMR Dec-2021 Release 1 allows attackers to write arbitrary files via a path traversal vulnerability.
CVSS Score
6.3
EPSS Score
0.0
Published
2021-12-08
An improper validation vulnerability in telephony prior to SMR Dec-2021 Release 1 allows attackers to launch certain activities.
CVSS Score
6.1
EPSS Score
0.0
Published
2021-12-08
In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-199678035
CVSS Score
5.5
EPSS Score
0.0
Published
2021-11-18
A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge.
CVSS Score
7.9
EPSS Score
0.0
Published
2021-11-05
Improper input validation vulnerability in HDCP prior to SMR Nov-2021 Release 1 allows attackers to arbitrary code execution.
CVSS Score
5.0
EPSS Score
0.0
Published
2021-11-05
In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05551397; Issue ID: ALPS05551397.
CVSS Score
7.5
EPSS Score
0.008
Published
2021-10-25
In wifi driver, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05551435; Issue ID: ALPS05551435.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-10-25
In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05560246; Issue ID: ALPS05551383.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-10-25