Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Android  >> 9.0  Security Vulnerabilities
CVE-2021-0484
In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-173720767
CVSS Score
5.5
EPSS Score
0.0
Published
2021-06-11
CVE-2021-25413
Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to get permissions to access arbitrary data with Samsung Contacts privilege.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-06-11
CVE-2021-25414
Improper sanitization of incoming intent in Samsung Contacts prior to SMR JUN-2021 Release 1 allows local attackers to copy or overwrite arbitrary files with Samsung Contacts privilege.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-06-11
CVE-2021-25417
Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage.
CVSS Score
7.5
EPSS Score
0.001
Published
2021-06-11
CVE-2021-25397
An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process via untrusted applications.
CVSS Score
6.8
EPSS Score
0.0
Published
2021-06-11
CVE-2021-25403
Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component.
CVSS Score
3.3
EPSS Score
0.001
Published
2021-06-11
CVE-2021-25407
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-06-11
CVE-2021-25408
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-06-11
CVE-2021-25383
An improper input validation vulnerability in scmn_mfal_read() in libsapeextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
CVSS Score
9.0
EPSS Score
0.002
Published
2021-06-11
CVE-2021-25384
An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.
CVSS Score
9.0
EPSS Score
0.002
Published
2021-06-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved