CVE-2021-0734

MEDIUM Year: 2021
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-668
View all →

Vulnerability Description

In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure of an installed package, without proper query permissions, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-189122911

Related Vulnerabilities

CVE-2005-2351

MEDIUM
CVSS:5.5(Medium)

Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.

CWE-6682005

CVE-2008-2544

MEDIUM
CVSS:5.5(Medium)

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.

CWE-6682008

CVE-2013-0163

MEDIUM
CVSS:5.5(Medium)

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS

CWE-6682013

CVE-2013-4280

MEDIUM
CVSS:5.5(Medium)

Insecure temporary file vulnerability in RedHat vsdm 4.9.6.

CWE-6682013

CVE-2017-17087

MEDIUM
CVSS:5.5(Medium)

fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users...

CWE-6682017

CVE-2018-20947

MEDIUM
CVSS:5.5(Medium)

cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).

CWE-6682018