CVE漏洞

OGeek|极客世界-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-39702

In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. This could lead to local e ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：28 | 回复：0
CVE-2021-39703

In updateState of UsbDeviceManager.java, there is a possible unauthorized access of files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privil ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：19 | 回复：0
CVE-2021-39704

In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to run foreground service without user notification due to a permissions bypass. This could lead to local ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：25 | 回复：0
CVE-2021-39705

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：33 | 回复：0
CVE-2021-39706

In onResume of CredentialStorage.java, there is a possible way to cleanup content of credentials storage due to a missing permission check. This could lead to local escalation of privilege with no add ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：31 | 回复：0
CVE-2021-39707

In onReceive of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no addit ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：36 | 回复：0
CVE-2021-39708

In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution pri ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：50 | 回复：0
CVE-2021-39709

In sendSipAccountsRemovedNotification of SipAccountRegistry.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execu ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：40 | 回复：0
CVE-2021-39710

Product: AndroidVersions: Android kernelAndroid ID: A-202160245References: N/A……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：49 | 回复：0
CVE-2021-39711

In bpf_prog_test_run_skb of test_run.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. Use ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：40 | 回复：0
CVE-2021-39712

In TBD of TBD, there is a possible user after free vulnerability due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：46 | 回复：0
CVE-2021-39713

Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：42 | 回复：0
CVE-2021-39714

In ion_buffer_kmap_get of ion.c, there is a possible use-after-free due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：33 | 回复：0
CVE-2021-39715

In __show_regs of process.c, there is a possible leak of kernel memory and addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：34 | 回复：0
CVE-2021-39716

Product: AndroidVersions: Android kernelAndroid ID: A-206977562References: N/A……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：38 | 回复：0
CVE-2021-39717

In iaxxx_btp_write_words of iaxxx-btp.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges neede ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：41 | 回复：0
CVE-2021-39718

In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with S ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：45 | 回复：0
CVE-2021-39719

In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges need ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：38 | 回复：0
CVE-2021-39720

Product: AndroidVersions: Android kernelAndroid ID: A-207433926References: N/A……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：51 | 回复：0
CVE-2021-39721

In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not neede ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：53 | 回复：0
CVE-2021-39722

In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with Sys ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：70 | 回复：0
CVE-2021-39723

Product: AndroidVersions: Android kernelAndroid ID: A-209014813References: N/A……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：63 | 回复：0
CVE-2021-39724

In TuningProviderBase::GetTuningTreeSet of tuning_provider_base.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System ex ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：76 | 回复：0
CVE-2021-39725

In gasket_free_coherent_memory_all of gasket_page_table.c, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：87 | 回复：0
CVE-2021-39726

In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：97 | 回复：0
CVE-2021-39727

In eicPresentationRetrieveEntryValue of acropora/app/identity/libeic/EicPresentation.c, there is a possible information disclosure due to a race condition. This could lead to local information disclos ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：132 | 回复：0
CVE-2021-39729

In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：82 | 回复：0
CVE-2021-39730

In TBD of TBD, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not ne ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：100 | 回复：0
CVE-2021-39731

In ProtocolStkProactiveCommandAdapter::Init of protocolstkadapter.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with S ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：92 | 回复：0
CVE-2021-39732

In copy_io_entries of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：94 | 回复：0
CVE-2021-39733

In amcs_cdev_unlocked_ioctl of audiometrics.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileg ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：127 | 回复：0
CVE-2021-39734

In sendMessage of OneToOneChatImpl.java (? TBD), there is a possible way to send an RCS message without permissions due to a missing permission check. This could lead to local escalation of privilege ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：130 | 回复：0
CVE-2021-39735

In gasket_alloc_coherent_memory of gasket_page_table.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：136 | 回复：0
CVE-2021-39736

In prepare_io_entry and prepare_response of lwis_ioctl.c and lwis_periodic_io.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege wi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：129 | 回复：0
CVE-2021-39737

Product: AndroidVersions: Android kernelAndroid ID: A-208229524References: N/A……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：121 | 回复：0
CVE-2021-39792

In usb_gadget_giveback_request of core.c, there is a possible use after free out of bounds read due to a race condition. This could lead to local information disclosure with System execution privilege ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：144 | 回复：0
CVE-2021-39793

In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execut ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：161 | 回复：0
CVE-2021-40734

Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a SVG file, potentially resulting in arbitrary code execution in the context of the current user ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：286 | 回复：0
CVE-2021-40735

Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is re ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：182 | 回复：0
CVE-2021-40736

Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is re ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:53 | 阅读：126 | 回复：0