Total
29454 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25490 | 1 Google | 1 Android | 2024-11-21 | 3.6 LOW | 6.0 MEDIUM |
| A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process. | |||||
| CVE-2021-25472 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information. | |||||
| CVE-2021-25470 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 3.6 LOW | 7.9 HIGH |
| An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. | |||||
| CVE-2021-25463 | 1 Samsung | 1 Penup | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview. | |||||
| CVE-2021-25460 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| An improper access control vulnerability in sspExit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to terminate BlockchainTZService. | |||||
| CVE-2021-25459 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
| An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService. | |||||
| CVE-2021-25453 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.1 MEDIUM |
| Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information. | |||||
| CVE-2021-25448 | 1 Samsung | 1 Smart Touch Call | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview. | |||||
| CVE-2021-25447 | 1 Samsung | 2 Smartthings, Smartthings Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview. | |||||
| CVE-2021-25446 | 1 Samsung | 2 Smartthings, Smartthings Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview. | |||||
| CVE-2021-25440 | 1 Samsung | 1 Factorycamerafb | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper access control vulnerability in FactoryCameraFB prior to version 3.4.74 allows untrusted applications to access arbitrary files with an escalated privilege. | |||||
| CVE-2021-25439 | 2 Google, Samsung | 2 Android, Members | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview. | |||||
| CVE-2021-25438 | 2 Google, Samsung | 2 Android, Members | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause local file inclusion in webview. | |||||
| CVE-2021-25437 | 1 Linux | 1 Tizen | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to arbitrary code execution by replacing FOTA update file. | |||||
| CVE-2021-25433 | 1 Linux | 1 Tizen | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Improper authorization vulnerability in Tizen factory reset policy prior to Firmware update JUL-2021 Release allows untrusted applications to perform factory reset using dbus signal. | |||||
| CVE-2021-25431 | 2 Google, Samsung | 2 Android, Cameralyzer | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3.1040 in 3.3.x, and 3.4.4210 in 3.4.x allows untrusted applications to access some functions of Cameralyzer. | |||||
| CVE-2021-25426 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Improper component protection vulnerability in SmsViewerActivity of Samsung Message prior to SMR July-2021 Release 1 allows untrusted applications to access Message files. | |||||
| CVE-2021-25417 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authorization in SDP SDK prior to SMR JUN-2021 Release 1 allows access to internal storage. | |||||
| CVE-2021-25412 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An improper access control vulnerability in genericssoservice prior to SMR JUN-2021 Release 1 allows local attackers to execute protected activity with system privilege via untrusted applications. | |||||
| CVE-2021-25405 | 1 Samsung | 1 Notes | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4.2.04.27 allows untrusted applications to access local files. | |||||