Lucene search
+L

775 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:18 p.m.6 views

CVE-2020-0210

In removeSharedAccountAsUser of AccountManager.java, there is a possible permissions bypass to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID:...

7.8CVSS7.7AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.10 views

CVE-2020-0036

In hasPermissions of PermissionMonitor.java, there is a possible access to restricted permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS6.7AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.7 views

CVE-2020-0391

In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS7.7AI score0.00425EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.7 views

CVE-2020-0118

In addListener of RegionSamplingThread.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

7.8CVSS7.7AI score0.00183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.4 views

CVE-2020-0172

In Parseart of easmdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127312550...

6.5CVSS6.7AI score0.00762EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.6 views

CVE-2020-0189

In ihevcddecode of ihevcddecode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139939283...

6.5CVSS6.8AI score0.00635EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.5 views

CVE-2020-0187

In engineSetMode of BaseBlockCipher.java, there is a possible incorrect cryptographic algorithm chosen due to an incomplete comparison. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.5CVSS5.5AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.7 views

CVE-2020-0143

In nfadmndeffindnexthandler of nfadmndef.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of heap data via compromised device firmware with System execution privileges needed. User interaction is not needed for...

4.4CVSS4.9AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.5 views

CVE-2020-0196

In RegisterNotificationResponse::GetEvent of registernotificationpacket.cc, there is a possible abort due to improper input validation. This could lead to remote denial of service of the Bluetooth service, over Bluetooth, with no additional execution privileges needed. User interaction is not...

6.5CVSS6.8AI score0.00296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:17 p.m.4 views

CVE-2020-0031

In triggerAugmentedAutofillLocked and related functions of Session.java, it is possible for Augmented Autofill to display sensitive information to the user inappropriately. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed f...

5CVSS5.5AI score0.00157EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:16 p.m.6 views

CVE-2020-0084

In several functions of NotificationManagerService.java, there are missing permission checks. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS6.8AI score0.0015EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:16 p.m.8 views

CVE-2020-0381

In Parsewave of easmdls.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure in a highly constrained process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.5CVSS7.2AI score0.01494EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:16 p.m.6 views

CVE-2020-0174

In Parseptbl of easmdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127313537...

6.5CVSS6.7AI score0.00762EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.9 views

PT-2024-12703 · Tcl +1 · Tcl 30Z +4

Name of the Vulnerable Software and Affected Versions: TCL 30Z versions 12/SP1A.210812.016/LV8E through 12/SP1A.210812.016/vU6X TCL A3X versions 11/RKQ1.201202.002/vAAZ through 11/RKQ1.201202.002/vABS TCL 20XE versions 11/RP1A.200720.011/PB7I-0 through 11/RP1A.200720.011/PB83-0 TCL 10L versions...

8.8CVSS6.2AI score0.00454EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/22 12:0 a.m.6 views

PT-2024-12701 · Tcl · Tcl A3X +1

Name of the Vulnerable Software and Affected Versions: TCL 30Z versions TCL/4188R/Jetta ATT:12/SP1A.210812.016/LV8E:user/release-keys through TCL/T602DL/Jetta TF:12/SP1A.210812.016/vU6X:user/release-keys TCL A3X versions TCL/A600DL/Delhi TF:11/RKQ1.201202.002/vAAZ:user/release-keys through...

8CVSS6.4AI score0.00266EPSS
Exploits0References4
OSV
OSV
added 2023/02/28 5:15 p.m.3 views

CVE-2023-20945

In phNciNfcMfCreateXchgDataHdr of phNxpExtnsMifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7.8CVSS5.9AI score0.00174EPSS
Exploits0References1
OSV
OSV
added 2023/02/28 5:15 p.m.4 views

CVE-2023-20944

In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS7.2AI score0.00189EPSS
Exploits0References1
OSV
OSV
added 2023/02/28 5:15 p.m.4 views

CVE-2023-20943

In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion...

7.8CVSS7.2AI score0.00184EPSS
Exploits0References1
OSV
OSV
added 2023/02/28 5:15 p.m.7 views

CVE-2023-20933

In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-...

7.8CVSS5.9AI score0.00172EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.6 views

PT-2023-17733 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: The issue is related to a possible escalation of privilege due to unsafe deserialization in the ChooseTypeAndAccountActivity.java file. This could lead to local escalation of privile...

7.8CVSS7.4AI score0.00189EPSS
Exploits0References2
Rows per page
Query Builder