Satheesh575555

52 exploits Active since Aug 2014
CVE-2021-0330 NOMISEC HIGH WORKING POC
Android - Use-After-Free in storaged.cpp
In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-170732441
CVSS 7.8
CVE-2021-0331 NOMISEC HIGH WRITEUP
Android 8.1-11 - Local Privilege Escalation via Notification Access Overlay Attack
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-170731783
CVSS 7.3
CVE-2021-0332 NOMISEC HIGH WORKING POC
Android -11, Android-10 - Memory Corruption
In bootFinished of SurfaceFlinger.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-169256435
CVSS 7.8
CVE-2021-0333 NOMISEC HIGH WRITEUP
Android - Tapjacking Permissions Bypass via Bluetooth Permission Dialog Overlay
In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-168504491
CVSS 7.3
CVE-2021-0340 NOMISEC HIGH WRITEUP
Android 10 - Unredacted Location Information Leak in IsoInterface.java
In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-134155286
CVSS 8.8
CVE-2021-0396 NOMISEC CRITICAL STUB
Android <11 - Remote Code Execution
In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-160610106
CVSS 9.8
CVE-2021-0397 NOMISEC CRITICAL WRITEUP
Android - Double Free in sdp_copy_raw_data
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148
CVSS 9.8
CVE-2021-0478 NOMISEC HIGH WORKING POC
Android - Local Privilege Escalation via StatusBarIconView Exception Handling
In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-169255797
CVSS 7.8
CVE-2021-0506 NOMISEC HIGH WRITEUP
Android - Tapjacking/Overlay Attack via ActivityPicker Intent Resolution
In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-181962311
CVSS 7.3
CVE-2021-0516 NOMISEC CRITICAL WORKING POC
Android - Out-of-bounds Read and Write via Use-After-Free in p2p_process_prov_disc_req
In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181660448
CVSS 9.8
CVE-2021-0589 NOMISEC HIGH WRITEUP
Android -11,8.1,9,10 - Privilege Escalation
In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180939982
CVSS 7.8
CVE-2021-0594 NOMISEC HIGH WRITEUP
Android - Remote Privilege Escalation via Bluetooth ConfirmConnectActivity Input Validation Bypass
In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176445224
CVSS 8.0
CVE-2021-0600 NOMISEC HIGH WRITEUP
Android 8.1-11 - Local Privilege Escalation via Device Admin Activation
In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-179042963
CVSS 7.8
CVE-2020-0136 NOMISEC HIGH WORKING POC
Android 10 - Integer Overflow to Out-of-Bounds Write in Parcel.cpp
In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455
CVSS 7.8
CVE-2020-0439 NOMISEC HIGH WORKING POC
Android 8.0-11 - Unauthenticated Permissions Bypass via PackageManagerService
In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-140256621
CVSS 7.8
CVE-2020-0416 NOMISEC HIGH WORKING POC
Android - Local Privilege Escalation via Tapjacking in Settings Screens
In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-155288585
CVSS 8.8
CVE-2020-0413 NOMISEC HIGH WORKING POC
Android 8.0-11 - Out-of-bounds Read in gatt_process_read_by_type_rsp
In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-158778659
CVSS 7.5
CVE-2020-0401 NOMISEC HIGH WORKING POC
Android - Missing Authorization in PackageManagerService
In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and granting spurious permissions with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150857253
CVSS 7.8
CVE-2020-0392 NOMISEC HIGH WORKING POC
Android - Use-After-Free in SurfaceFlinger
In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-150226608
CVSS 7.8
CVE-2020-0377 NOMISEC HIGH WORKING POC
Android 8.0-11 - Out-of-bounds Read in gatt_process_read_by_type_rsp
In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-158833854
CVSS 7.5
CVE-2020-0245 NOMISEC HIGH WORKING POC
Android - Out-of-bounds Write in DecodeFrameCombinedMode
In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-152496149
CVSS 8.8
CVE-2020-0219 NOMISEC HIGH WORKING POC
Android - Local Privilege Escalation via SliceDeepLinkSpringBoard Intent Handling
In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-122836081
CVSS 7.8
CVE-2020-0188 NOMISEC HIGH WORKING POC
Android 10 - Local Privilege Escalation via PendingIntent Error in SettingsSliceProvider
In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147355897
CVSS 7.8
CVE-2020-0138 NOMISEC CRITICAL WORKING POC
Android 10 - Out-of-bounds Write in btif_rc.cc get_element_attr_rsp
In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if bluetoothtbd were used, which it isn't in typical Android platforms, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142878416
CVSS 9.8
CVE-2019-15166 NOMISEC LOW WRITEUP
tcpdump < 4.9.3 - Buffer Overflow in lmp_print_data_link_subobjs
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVSS 1.6