Total
7377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-1015 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-186530496 | |||||
| CVE-2021-0995 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-197536547 | |||||
| CVE-2021-0994 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine whether an app is installed, without query permissions, due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-193801134 | |||||
| CVE-2021-0992 | 1 Google | 1 Android | 2024-11-21 | 1.9 LOW | 3.3 LOW |
| In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app without user consent due to tapjack overlay. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-180104327 | |||||
| CVE-2021-0991 | 1 Google | 1 Android | 2024-11-21 | 2.7 LOW | 2.4 LOW |
| In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-181588752 | |||||
| CVE-2021-0990 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-185591180 | |||||
| CVE-2021-0989 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-194105812 | |||||
| CVE-2021-0988 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-191954233 | |||||
| CVE-2021-0987 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-190619791 | |||||
| CVE-2021-0983 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-192245204 | |||||
| CVE-2021-0982 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible organization name disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-192368508 | |||||
| CVE-2021-0978 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| In getSerialForPackage of DeviceIdentifiersPolicyService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-192587406 | |||||
| CVE-2021-0187 | 1 Intel | 106 Xeon Gold 5315y, Xeon Gold 5315y Firmware, Xeon Gold 5317 and 103 more | 2024-11-21 | N/A | 3.2 LOW |
| Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2020-9986 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| A file access issue existed with certain home folder files. This was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.7. A malicious application may be able to read sensitive location information. | |||||
| CVE-2020-9959 | 1 Apple | 2 Ipad Os, Iphone Os | 2024-11-21 | 2.1 LOW | 2.4 LOW |
| A lock screen issue allowed access to messages on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 14.0 and iPadOS 14.0. A person with physical access to an iOS device may be able to view notification contents from the lockscreen. | |||||
| CVE-2020-9933 | 1 Apple | 4 Ipad Os, Iphone Os, Tvos and 1 more | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8. A malicious application may be able to read sensitive location information. | |||||
| CVE-2020-9912 | 1 Apple | 1 Safari | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode. | |||||
| CVE-2020-9848 | 1 Apple | 2 Ipad Os, Iphone Os | 2024-11-21 | 2.1 LOW | 2.4 LOW |
| An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5. A person with physical access to an iOS device may be able to view notification contents from the lockscreen. | |||||
| CVE-2020-9786 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| This issue was addressed with improved checks This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. An application may be able to trigger a sysdiagnose. | |||||
| CVE-2020-9780 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| The issue was resolved by clearing application previews when content is deleted. This issue is fixed in iOS 13.4 and iPadOS 13.4. A local user may be able to view deleted content in the app switcher. | |||||