Lucene search
K

2494 matches found

CVE
CVE
added 2020/09/17 3:43 p.m.108 views

CVE-2020-0393

CVE-2020-0393 affects Android during 9–11 in the Media Framework: decrypt and decrypt_1_2 in CryptoPlugin.cpp allow an out-of-bounds read due to a missing bounds check, enabling local information disclosure without user interaction. The issue is documented in multiple sources (NVD/NVD CVSS detail...

5.5CVSS5AI score0.00158EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/17 3:40 p.m.23 views

CVE-2020-0382

In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

3.6AI score0.00152EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/09/17 3:21 p.m.27 views

CVE-2020-0074

In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...

8AI score0.00219EPSS
Exploits0References1
Android Security Bulletins
Android Security Bulletins
added 2020/08/25 12:0 a.m.132 views

Android 11 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.

This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 11. Android 11 devices with a security patch level of 2020-09-01 or later are protected against these issues Android 11, as released on AOSP, has a...

9.8CVSS8.2AI score0.04022EPSS
Exploits1
NVD
NVD
added 2020/06/11 3:15 p.m.17 views

CVE-2020-0213

In hevcdfmtconv420spto420spav8 of ihevcdfmtconv420spto420sp.s, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android...

6.5CVSS0.00858EPSS
Exploits0References1
NVD
NVD
added 2020/06/11 3:15 p.m.28 views

CVE-2020-0202

In onHandleIntent of TraceService.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

7.8CVSS0.00399EPSS
Exploits0References1
Prion
Prion
added 2020/06/11 3:15 p.m.15 views

Heap overflow

In hevcdfmtconv420spto420spav8 of ihevcdfmtconv420spto420sp.s, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android...

4.3CVSS6.4AI score0.00858EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/06/11 3:15 p.m.14 views

Input validation

In onHandleIntent of TraceService.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...

6.8CVSS7.6AI score0.00399EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/06/11 2:43 p.m.255 views

CVE-2020-0215

CVE-2020-0215 affects Android devices via a leak in ConfirmConnectActivity.java related to a permissions bypass that exposes the Bluetooth MAC address. The vulnerability could enable local elevation of privilege to access pairing information, with user interaction required for exploitation. Affec...

7.8CVSS7.3AI score0.00277EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/06/11 2:43 p.m.213 views

CVE-2020-0213

CVE-2020-0213 affects Android Media Framework (ihevcd_fmt_conv_420sp_to_420sp_av8) and is caused by a heap buffer overflow leading to a possible out-of-bounds write. Impact: remote information disclosure with no execution privileges required, exploitable with user interaction. Affected products/v...

6.5CVSS6.5AI score0.00858EPSS
Exploits0References1Affected Software1
Wired Threat Level
Wired Threat Level
added 2020/06/10 4:59 p.m.30 views

Android 11 Will Help You Rein In Zombie App Permissions

The latest update to Google's operating system has a host of privacy and security improvements...

1.9AI score
Exploits0
NVD
NVD
added 2019/12/06 11:15 p.m.28 views

CVE-2019-2219

In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User...

4.7CVSS5AI score0.00148EPSS
Exploits0References1
Prion
Prion
added 2019/12/06 11:15 p.m.23 views

Design/Logic Flaw

In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User...

4.7CVSS5.1AI score0.00148EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/12/06 10:40 p.m.26 views

CVE-2019-2219

In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User...

5AI score0.00148EPSS
Exploits0References1
Rows per page
Query Builder