{"vulnerability": "cve-2021-3980", "sightings": [{"uuid": "53468135-e599-486b-9fc9-55c53b565c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39806", "type": "seen", "source": "https://t.me/cibsecurity/44519", "content": "\u203c CVE-2021-39806 \u203c\n\nIn closef of label_backends_android.c, there is a possible way to corrupt memory due to a double free. This could lead to local escalation of privilege during startup of servicemanager, if an attacker can trigger an initialization failure, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-215387420\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:20:43.000000Z"}, {"uuid": "eb28fed7-6be2-4e0f-90aa-faf8e8552d85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39804", "type": "seen", "source": "https://t.me/cibsecurity/40621", "content": "\u203c CVE-2021-39804 \u203c\n\nIn reinit of HeifDecoderImpl.cpp, there is a possible crash due to a missing null check. This could lead to remote persistent denial of service in the file picker with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-215002587\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T20:16:57.000000Z"}, {"uuid": "c5411f8e-e9fd-4b9b-a2d4-dfc0e1389746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3980", "type": "seen", "source": "https://t.me/cibsecurity/33317", "content": "\u203c CVE-2021-3980 \u203c\n\nelgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-03T18:39:49.000000Z"}, {"uuid": "af328fe3-7c27-4520-a196-afaa9461306f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-39805", "type": "seen", "source": "https://t.me/cibsecurity/40630", "content": "\u203c CVE-2021-39805 \u203c\n\nIn l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-212694559\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T20:17:10.000000Z"}]}