215 matches found
CVE-2020-10852
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. There is a stack overflow in display driver. The Samsung ID is SVE-2019-15877 January 2020...
CVE-2020-10845
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. There is a race condition leading to a use-after-free in MTP. The Samsung ID is SVE-2019-16520 February 2020...
CVE-2020-10844
An issue was discovered on Samsung mobile devices with O8.x, P9.x, and Q10.0 software. There is an out-of-bounds read vulnerability in media.audiopolicy. The Samsung ID is SVE-2019-16333 February 2020...
CVE-2020-10831
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Attackers can trigger an update to arbitrary touch-screen firmware. The Samsung ID is SVE-2019-16013 March 2020...
CVE-2019-20535
An issue was discovered on Samsung mobile devices with O8.x and P9.0 software. A connection to a new Bluetooth devices can be established from the lock screen. The Samsung ID is SVE-2019-15533 December 2019...
CVE-2019-20532
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Attackers can access the Developer options without authentication. The Samsung ID is SVE-2019-15800 December 2019...
CVE-2020-0037
In rwi93smsetreadonly of rwi93.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0...
DEBIAN-CVE-2020-0034
In vp8decodeframe of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
ALPINE-CVE-2020-0034
In vp8decodeframe of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
UBUNTU-CVE-2020-0034
In vp8decodeframe of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product...
CVE-2020-0026
In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...
CVE-2020-0015
In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2020-0022
In reassembleanddispatch of packetfragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
Google Android System elevation of privilege vulnerability (CNVD-2020-04555)
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the System component of Google Android 8.0, 8.1, 9, and 10. No details of the vulnerability are available at this time...
Google Android System elevation of privilege vulnerability (CNVD-2020-07210)
Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the System component of Google Android 8.0, 8.1, 9, and 10. No details of the vulnerability are available at this time...
CVE-2020-0006
In rwi93sendcmdwritesingleblock of rwi93.cc, there is a possible information disclosure of heap memory due to uninitialized data. This could lead to remote information disclosure in the NFC server with no additional execution privileges needed. User interaction is needed for exploitation. Product...
CVE-2020-0008
In LowEnergyClient::MtuChangedCallback of lowenergyclient.cc, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
CVE-2020-0002
In ih264dinitdecoder of ih264dapi.c, there is a possible out of bounds write due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation Product: Android Versions: Android-8.0, Android-8.1, Android-9...
CVE-2020-0001
In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1,...
Google Android System Information Disclosure Vulnerability (CNVD-2020-02988)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in the System component of Google Android 8.0, 8.1, 9, and 10. Attackers can take advantage of this vulnerability to...