Lucene search
K

215 matches found

OSV
OSV
added 2020/08/31 9:15 p.m.2 views

CVE-2020-25055

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. The persona service allows attackers who control an unprivileged SecureFolder process to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 August 2020...

9.8CVSS7.2AI score0.00438EPSS
Exploits0References1
OSV
OSV
added 2020/08/11 8:15 p.m.5 views

CVE-2020-0247

In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0...

5.5CVSS6.8AI score0.0014EPSS
Exploits0References1
OSV
OSV
added 2020/08/11 8:15 p.m.4 views

CVE-2020-0241

In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0...

7.8CVSS5.9AI score0.00251EPSS
Exploits0References1
OSV
OSV
added 2020/08/11 8:15 p.m.5 views

ALPINE-CVE-2020-0256

In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

6.8CVSS6.7AI score0.00214EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/08/11 12:0 a.m.4 views

PT-2020-11593 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 8.0 through 10 Description: A logic flaw in the Settings app could lead to a confused deputy attack due to a race condition in the updatePreferenceIntents of AccountTypePreferenceLoader. This could result in local escalation ...

7CVSS7AI score0.00129EPSS
Exploits0References10
CNVD
CNVD
added 2020/08/04 12:0 a.m.2 views

Google Android Media Framework elevation of privilege vulnerability (CNVD-2020-44370)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Media Framework component of Google Android 8.0, 8.1, 9, and 10, which can be exploited by an attacker to...

7.8CVSS7.2AI score0.00251EPSS
Exploits0References1
OSV
OSV
added 2020/07/17 9:15 p.m.4 views

CVE-2020-0227

In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing background data usage or launching from the background, with no additional execution privileges needed. User...

7.8CVSS7.2AI score0.00268EPSS
Exploits0References1
OSV
OSV
added 2020/07/17 9:15 p.m.3 views

CVE-2020-0122

In the permission declaration for com.google.android.providers.gsf.permission.WRITEGSERVICES in AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

6.7CVSS6.7AI score0.00171EPSS
Exploits0References1
OSV
OSV
added 2020/07/07 2:15 p.m.3 views

CVE-2020-15578

An issue was discovered on Samsung mobile devices with O8.x software. FactoryCamera does not properly restrict runtime permissions. The Samsung ID is SVE-2020-17270 July 2020...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References1
OSV
OSV
added 2020/07/07 2:15 p.m.3 views

CVE-2020-15583

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. StickerProvider allows directory traversal for access to system files. The Samsung ID is SVE-2020-17665 July 2020...

5.5CVSS6.1AI score0.00213EPSS
Exploits0References1
OSV
OSV
added 2020/07/07 2:15 p.m.2 views

CVE-2020-15579

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. Attackers can bypass Factory Reset Protection FRP via the KNOX API. The Samsung ID is SVE-2020-17318 July 2020...

7.5CVSS7.1AI score0.00364EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/06/11 12:0 a.m.4 views

PT-2020-11573 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-8.0 through Android-11 Description: The issue is related to a possible leak of Bluetooth information due to a permissions bypass in the onCreate method of ConfirmConnectActivity.java. This could lead to local escalati...

7.8CVSS7.3AI score0.00277EPSS
Exploits0References4
OSV
OSV
added 2020/06/04 6:15 p.m.3 views

CVE-2020-13834

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 with TEEGRIS software. Secure Folder does not properly restrict use of Android Debug Bridge adb for arbitrary installations. The Samsung ID is SVE-2020-17369 June 2020...

7.5CVSS5.9AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2020/06/04 6:15 p.m.4 views

CVE-2020-13836

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. HWRResProvider allows path traversal for data exposure. The Samsung ID is SVE-2020-16954 June 2020...

7.5CVSS5.8AI score0.00492EPSS
Exploits0References1
OSV
OSV
added 2020/05/14 9:15 p.m.4 views

CVE-2020-0101

In BnCrypto::onTransact of ICrypto.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

5.5CVSS6.2AI score0.0014EPSS
Exploits0References1
OSV
OSV
added 2020/05/14 9:15 p.m.1 views

DEBIAN-CVE-2020-0093

In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0...

5CVSS7.2AI score0.00301EPSS
Exploits0References1
OSV
OSV
added 2020/05/14 9:15 p.m.3 views

ALPINE-CVE-2020-0093

In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0...

5CVSS5.3AI score0.00301EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/06 12:0 a.m.2 views

Google Android System elevation of privilege vulnerability (CNVD-2020-27128)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the System component of Google Android 8.0, 8.1, 9, and 10. An attacker can exploit this vulnerability to elevate...

7.8CVSS7.2AI score0.0016EPSS
Exploits0References1
OSV
OSV
added 2020/04/17 7:15 p.m.4 views

CVE-2020-0072

In rwt2thandletlvdetectrsp of rwt2tndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8....

9.8CVSS7.8AI score0.01338EPSS
Exploits0References1
OSV
OSV
added 2020/04/17 2:15 p.m.3 views

CVE-2019-20785

An issue was discovered on LG mobile devices with Android OS 8.0 and 8.1 software for the DTAG carrier. RILD in the radio layer uses an uninitialized variable. The LG ID is LVE-SMP-180013 January 2019...

6.8CVSS5.8AI score0.0014EPSS
Exploits0References1
Rows per page
Query Builder