775 matches found
CVE-2020-0210
In removeSharedAccountAsUser of AccountManager.java, there is a possible permissions bypass to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:...
CVE-2020-0036
In hasPermissions of PermissionMonitor.java, there is a possible access to restricted permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-0391
In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2020-0118
In addListener of RegionSamplingThread.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
CVE-2020-0172
In Parseart of easmdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127312550...
CVE-2020-0189
In ihevcddecode of ihevcddecode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139939283...
CVE-2020-0187
In engineSetMode of BaseBlockCipher.java, there is a possible incorrect cryptographic algorithm chosen due to an incomplete comparison. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2020-0143
In nfadmndeffindnexthandler of nfadmndef.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of heap data via compromised device firmware with System execution privileges needed. User interaction is not needed for...
CVE-2020-0196
In RegisterNotificationResponse::GetEvent of registernotificationpacket.cc, there is a possible abort due to improper input validation. This could lead to remote denial of service of the Bluetooth service, over Bluetooth, with no additional execution privileges needed. User interaction is not...
CVE-2020-0031
In triggerAugmentedAutofillLocked and related functions of Session.java, it is possible for Augmented Autofill to display sensitive information to the user inappropriately. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed f...
CVE-2020-0084
In several functions of NotificationManagerService.java, there are missing permission checks. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2020-0381
In Parsewave of easmdls.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure in a highly constrained process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-0174
In Parseptbl of easmdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127313537...
PT-2024-12703 · Tcl +1 · Tcl 30Z +4
Name of the Vulnerable Software and Affected Versions: TCL 30Z versions 12/SP1A.210812.016/LV8E through 12/SP1A.210812.016/vU6X TCL A3X versions 11/RKQ1.201202.002/vAAZ through 11/RKQ1.201202.002/vABS TCL 20XE versions 11/RP1A.200720.011/PB7I-0 through 11/RP1A.200720.011/PB83-0 TCL 10L versions...
PT-2024-12701 · Tcl · Tcl A3X +1
Name of the Vulnerable Software and Affected Versions: TCL 30Z versions TCL/4188R/Jetta ATT:12/SP1A.210812.016/LV8E:user/release-keys through TCL/T602DL/Jetta TF:12/SP1A.210812.016/vU6X:user/release-keys TCL A3X versions TCL/A600DL/Delhi TF:11/RKQ1.201202.002/vAAZ:user/release-keys through...
CVE-2023-20945
In phNciNfcMfCreateXchgDataHdr of phNxpExtnsMifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2023-20944
In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-20943
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...
CVE-2023-20933
In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-...
PT-2023-17733 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible escalation of privilege due to unsafe deserialization in the ChooseTypeAndAccountActivity.java file. This could lead to local escalation of privile...