Lucene search
+L

158 matches found

osv
osv
added 2020/10/14 2:15 p.m.5 views

CVE-2020-0400

In showDataRoamingNotification of NotificationMgr.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

5.5CVSS6.7AI score0.00196EPSS
Exploits0References1
osv
osv
added 2020/09/18 4:15 p.m.3 views

CVE-2020-0313

In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154917989...

5.5CVSS6.2AI score0.00159EPSS
Exploits1References1
osv
osv
added 2020/09/17 9:15 p.m.3 views

CVE-2020-0338

In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-123700107...

5CVSS6AI score0.00156EPSS
Exploits0References1
osv
osv
added 2020/09/17 4:15 p.m.5 views

CVE-2020-0395

In showNotification of EmergencyCallbackModeService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.5CVSS6.7AI score0.00175EPSS
Exploits0References1
osv
osv
added 2020/09/17 4:15 p.m.4 views

CVE-2020-0397

In getNotificationBuilder of CarrierServiceStateTracker.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.5CVSS6.7AI score0.00175EPSS
Exploits0References1
osv
osv
added 2020/09/17 4:15 p.m.3 views

CVE-2020-0390

In the app zygote SE Policy, there is a possible permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-157598026...

5.5CVSS6.2AI score0.00142EPSS
Exploits0References1
osv
osv
added 2020/09/17 4:15 p.m.6 views

CVE-2020-0382

In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

2.3CVSS5.9AI score0.00152EPSS
Exploits0References1
osv
osv
added 2020/06/15 2:15 p.m.0 views

DEBIAN-CVE-2020-0543

Incomplete cleanup from specific special register read operations in some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS6.8AI score0.0054EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2020/06/15 12:0 a.m.16 views

PT-2020-1264 · Sqlite +9 · Sqlite +9

Name of the Vulnerable Software and Affected Versions: SQLite versions prior to 3.32.3 Description: The issue is related to a heap overflow in SQLite due to the misuse of transitive properties for constant propagation, which can lead to local information disclosure. This is caused by a missing...

9.8CVSS7.5AI score0.88077EPSS
Exploits28References620
osv
osv
added 2020/06/11 3:15 p.m.3 views

CVE-2020-0147

In btuhcifescoconnectionchgevt of btuhcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product:...

4.4CVSS6.5AI score0.00143EPSS
Exploits0References1
osv
osv
added 2020/06/11 3:15 p.m.3 views

CVE-2020-0154

In nciproccorersp of ncihrcv.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product:...

4.4CVSS6.5AI score0.00143EPSS
Exploits0References1
osv
osv
added 2020/05/14 9:15 p.m.4 views

CVE-2020-0104

In onShowingStateChanged of KeyguardStateMonitor.java, there is a possible inappropriate read due to a logic error. This could lead to local information disclosure of keyguard-protected data with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS6.2AI score0.00167EPSS
Exploits0References1
osv
osv
added 2019/09/27 7:15 p.m.3 views

CVE-2019-9296

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112162089...

5CVSS6.6AI score0.00164EPSS
Exploits0References1
osv
osv
added 2019/04/19 8:29 p.m.3 views

CVE-2019-2038

In rwi93processsysinfo of rwi93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1...

5.5CVSS6.5AI score0.00436EPSS
Exploits0References1
osv
osv
added 2019/02/28 5:29 p.m.4 views

CVE-2019-1995

In ComposeActivityEmail of ComposeActivityEmail.java, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure, sending files accessible to AOSP Mail to a remote email recipient, with no additional execution privileges...

5.5CVSS5.9AI score0.00179EPSS
Exploits0References2
cnvd
cnvd
added 2018/08/16 12:0 a.m.3 views

Intel CPU Foreshadow-NG (foreshadow next-generation version) Vulnerability

The L1 Terminal Malfunction OS/SMM vulnerability is different for Intel CPUs with SGX Software Protection Extensions technology, and may also affect CPUs from other vendors. With the speculative execution of a side-channel attack, an attacker with local user access could achieve an unauthorized...

5.6CVSS6.4AI score0.05577EPSS
Exploits0References1
osv
osv
added 2017/05/12 3:29 p.m.5 views

CVE-2016-10294

An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

4.7CVSS5.8AI score0.00864EPSS
Exploits0References1
osv
osv
added 2016/09/25 10:59 a.m.4 views

CVE-2016-4755

Terminal in Apple OS X before 10.12 uses weak permissions for the .bashhistory and .bashsession files, which allows local users to obtain sensitive information via unspecified vectors...

5.5CVSS7.3AI score0.00331EPSS
Exploits0References4
Rows per page
Query Builder