EUVD-2017-1172

Malware in sbrugna...

Design/Logic Flaw

In createOrUpdate of Permission.java and related code, there is possible permission escalation due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-10...

CVE-2020-27059

In onAuthenticated of AuthenticationClient.java, there is a possible tapjacking attack when requesting the user's fingerprint due to an overlaid window. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

Google Android System Elevation of Privilege Vulnerability (CNVD-2019-30327)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the System component of Google Android 7.1.1, 7.1.2, 8.0, 8.1, and 9. No details of the vulnerability are provided...

Google Android Library Component Remote Code Execution Vulnerability

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A remote code execution vulnerability exists in the Library component of Google Android 7.0, 7.1.1, 7.1.2, 8.0, 8.1, and 9. An attacker can exploit the vulnerabilit...

Google Android System Component Information Disclosure Vulnerability (CNVD-2019-07374)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An information disclosure vulnerability exists in the System component of Google Android 8.0, 8.1, and 9. An attacker can exploit this vulnerability to obtain information...

Integer overflow

In AMediaCodecCryptoInfonew of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions:...

CVE-2017-0846

An information disclosure vulnerability in the Android framework clipboardservice. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64934810...

CVE-2017-13187

An information disclosure vulnerability in the Android media framework libhevc. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65034175...

CVE-2017-0809

A remote code execution vulnerability in the Android media framework libstagefright. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62673128...

UBUNTU-CVE-2017-0822

An elevation of privilege vulnerability in the Android system camera. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63787722...