Lucene search
K

587 matches found

Cvelist
Cvelist
added 2020/11/10 12:46 p.m.26 views

CVE-2020-0439

In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges...

7.9AI score0.00212EPSS
Exploits0References1
Amazon
Amazon
added 2020/10/27 12:0 a.m.36 views

Medium: libexif

Issue Overview: In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions:...

8.8CVSS7.3AI score0.04059EPSS
Exploits0
NVD
NVD
added 2020/10/14 2:15 p.m.16 views

CVE-2020-0421

In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-...

7.8CVSS0.00266EPSS
Exploits0References1
NVD
NVD
added 2020/10/14 2:15 p.m.17 views

CVE-2020-0377

In gattprocessreadbytypersp of gattcl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS0.01891EPSS
Exploits0References1
NVD
NVD
added 2020/10/14 2:15 p.m.24 views

CVE-2020-0410

In setNotification of SapServer.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

5.5CVSS0.00157EPSS
Exploits0References1
NVD
NVD
added 2020/10/14 2:15 p.m.16 views

CVE-2020-0412

In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

3.3CVSS0.0016EPSS
Exploits0References1
NVD
NVD
added 2020/10/14 2:15 p.m.17 views

CVE-2020-0408

In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0...

7.8CVSS0.00192EPSS
Exploits0References1
Prion
Prion
added 2020/10/14 2:15 p.m.18 views

Integer overflow

In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0...

7.2CVSS7.7AI score0.00192EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/10/14 2:15 p.m.25 views

Out-of-bounds

In gattprocessreadbytypersp of gattcl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5CVSS7.1AI score0.01494EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/10/14 2:15 p.m.3 views

CVE-2020-0421

In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-...

7.8CVSS7.6AI score0.00266EPSS
Exploits0References2
Prion
Prion
added 2020/10/14 2:15 p.m.16 views

Out-of-bounds

In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-...

7.2CVSS7.7AI score0.00266EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/10/14 2:15 p.m.27 views

Default configuration

In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9...

9.3CVSS8.3AI score0.01252EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/10/14 2:15 p.m.21 views

Information disclosure

In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check. This could lead to local information disclosure of foreground processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

2.1CVSS3.6AI score0.0016EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/10/14 2:15 p.m.26 views

Information disclosure

In setNotification of SapServer.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

2.1CVSS5.1AI score0.00157EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/14 1:6 p.m.110 views

CVE-2020-0377

CVE-2020-0377 targets Android Bluetooth stack: in gatt_process_read_by_type_rsp of gatt_cl.cc, a missing bounds check allows an out-of-bounds read, enabling remote information disclosure on Bluetooth servers without extra privileges. Affected: Android 8.0–11 (Android-8.0, 8.1, 9, 10, 11) per the ...

7.8CVSS7AI score0.01891EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/14 1:4 p.m.31 views

CVE-2020-0410

In setNotification of SapServer.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

5.4AI score0.00157EPSS
Exploits0References1
CVE
CVE
added 2020/10/14 1:4 p.m.113 views

CVE-2020-0415

CVE-2020-0415 affects Android’s SystemUI: a permission bypass via an unsafe PendingIntent could enable local information disclosure of contacts with user privileges, requiring no user interaction for exploitation. The vulnerability is listed in the 2020-10 Android security bulletin under System a...

5.5CVSS5AI score0.00168EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/09/18 4:15 p.m.16 views

Code injection

In bindWallpaperComponentLocked of WallpaperManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

2.1CVSS6.5AI score0.00168EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/09/17 4:15 p.m.21 views

CVE-2020-0394

In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege and untrusted devices accessing contact lists with no additional execution privileges needed. User interaction is needed for...

7.8CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2020/09/17 4:15 p.m.13 views

CVE-2020-0386

In onCreate of RequestPermissionActivity.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege allowing an attacker to set Bluetooth discoverability with User execution privileges needed. User interaction is needed for...

5.5CVSS0.00385EPSS
Exploits0References1
Rows per page
Query Builder