Intent redirection in Samsung Experience Service versions 10.8.0.4 in Android P(9.0) below, and 12.2.0.5 in Android Q(10.0) above allows attacker to execute privileged action.
CWE-269
CVE-2021-25362
An improper permission management in CertInstaller prior to SMR APR-2021 Release 1 allows untrusted applications to delete certain local files.
CVE-2021-25363
An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files.
CVE-2021-24289
There is functionality in the Store Locator Plus for WordPress plugin through 5.5.14 that made it possible for authenticated users to update their user meta data to become an administrator on any site using the plugin.
CVE-2021-24207
By default, the WP Page Builder WordPress plugin before 1.2.4 allows subscriber-level users to edit and make changes to any and all posts pages – user roles must be specifically blocked from editing posts and pages.
CVE-2021-24096
Windows Kernel Elevation of Privilege Vulnerability