CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2899 matches found

CNNVD•added 2021/03/02 12:0 a.m.•2 views

编号撤回

Google Android is a Linux-based open source operating system from the USGoogleOpen Handheld Alliance Google. Google Android suffers from a security vulnerability that stems from a boundary check error in Parseart in easmdls.c that may be out of scope, which could lead to the disclosure of remote...

5.9AI score

Exploits0

CNNVD•added 2021/03/02 12:0 a.m.•3 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from the USGoogleOpen Handheld Alliance Google. Google Android suffers from a security vulnerability that stems from an incorrect boundary check in Parseinsh in easmdls.c, which may write out of range. This could lead to the disclosure ...

7.8CVSS7.7AI score0.00114EPSS

Exploits0References3

OSV•added 2021/02/05 2:15 p.m.•26 views

CVE-2020-36241

autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location...

5.5CVSS6.5AI score

Exploits0References4

UbuntuCve•added 2021/02/05 2:15 p.m.•35 views

CVE-2020-36241

5.5CVSS6.8AI score0.00639EPSS

Exploits1References2

OSV•added 2020/12/15 4:15 p.m.•1 views

CVE-2020-0491

In readBlock of MatroskaExtractor.cpp, there is a possible denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156819...

6.5CVSS6.5AI score

Exploits0References1

OSV•added 2020/12/15 4:15 p.m.•1 views

CVE-2020-0489

In Parsedata of easmdls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android...

8.8CVSS7.2AI score0.00685EPSS

Exploits0References1

NVD•added 2020/12/15 4:15 p.m.•19 views

CVE-2020-0489

8.8CVSS9.1AI score0.00685EPSS

Exploits0References1

ATTACKERKB•added 2020/12/15 4:15 p.m.•3 views

CVE-2020-0489

8.8CVSS6.3AI score0.00685EPSS

Exploits0References2

Prion•added 2020/12/15 4:15 p.m.•14 views

Out-of-bounds

6.8CVSS8.7AI score0.00685EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/12/15 3:56 p.m.•19 views

CVE-2020-0489

9.2AI score0.00685EPSS

Exploits0References1

CVE•added 2020/12/15 3:56 p.m.•42 views

CVE-2020-0489

CVE-2020-0489 involves a suspected out-of-bounds write in the Android media framework (Parse_data in eas_mdls.c) which could lead to remote code execution in the media extractor. Affected software is Android 11, notably Pixel devices. The root cause is a missing bounds check in Parse_data, enabli...

8.8CVSS9AI score0.00685EPSS

Exploits0References1Affected Software1

Metasploit•added 2020/12/04 5:41 p.m.•412 views

Windows Pulse Secure Connect Client Saved Password Extractor

This module extracts and decrypts saved Pulse Secure Connect Client passwords from the Windows Registry. This module can only access credentials created by the user that the Meterpreter session is running as. Note that this module cannot link the password to a username unless the Meterpreter...

3.8CVSS4.9AI score0.01177EPSS

Exploits1

OSV•added 2020/10/14 2:15 p.m.•3 views

CVE-2020-0411

In AACExtractor of AACExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Andro...

6.5CVSS7AI score

Exploits0References1

CNVD•added 2020/09/18 12:0 a.m.•1 views

Google Android Media extractor cross-site scripting vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A cross-site scripting vulnerability exists in the Android-11 version of Media extractor. The vulnerability stems from improper locking and can be exploited by an attacker to cause remote code...

8.8CVSS7.4AI score0.00559EPSS

Exploits0References1

OSV•added 2020/09/17 9:15 p.m.•2 views

CVE-2020-0353

In libmp4extractor, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124777526...

6.5CVSS6.7AI score0.00724EPSS

Exploits0References1

OSV•added 2020/09/17 9:15 p.m.•2 views

CVE-2020-0321

In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155171907...

8.8CVSS7.8AI score0.00714EPSS

Exploits0References1

NVD•added 2020/09/17 9:15 p.m.•10 views

CVE-2020-0321

8.8CVSS0.00714EPSS

Exploits0References1

OSV•added 2020/09/17 9:15 p.m.•2 views

CVE-2020-0303

In the Media extractor, there is a possible use after free due to improper locking. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1482232...

8.8CVSS7.8AI score0.00559EPSS

Exploits0References1

NVD•added 2020/09/17 9:15 p.m.•8 views

CVE-2020-0303

8.8CVSS0.00559EPSS

Exploits0References1

Prion•added 2020/09/17 9:15 p.m.•11 views

Design/Logic Flaw

6.8CVSS9AI score0.00559EPSS

Exploits0References1Affected Software1

Rows per page