Lucene search
K

952 matches found

Prion
Prion
added 2020/05/14 9:15 p.m.24 views

Design/Logic Flaw

In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

4.4CVSS8.1AI score0.0016EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/05/14 9:15 p.m.19 views

Design/Logic Flaw

In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. This could lead to local escalation of privilege with User privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

4.6CVSS8.1AI score0.00177EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2020/05/14 8:10 p.m.41 views

CVE-2020-0093

In exifdatasavedataentry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0...

5CVSS6.5AI score0.00301EPSS
Exploits0
Cvelist
Cvelist
added 2020/05/14 8:10 p.m.18 views

CVE-2020-0094

In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

8AI score0.00151EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/05/14 8:10 p.m.20 views

CVE-2020-0103

In a2dpaacdecodercleanup of a2dpaacdecoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android...

9.5AI score0.01608EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/05/14 8:10 p.m.20 views

CVE-2020-0109

In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Produc...

7.9AI score0.00138EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/05/14 8:9 p.m.23 views

CVE-2020-0097

In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. This could lead to local escalation of privilege with User privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

7.9AI score0.00177EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/05/14 8:8 p.m.23 views

CVE-2020-0101

In BnCrypto::onTransact of ICrypto.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

5.4AI score0.0014EPSS
Exploits0References1
CVE
CVE
added 2020/05/14 8:8 p.m.52 views

CVE-2020-0104

CVE-2020-0104 affects Android 9 and 10, due to a logic error in KeyguardStateMonitor.java (onShowingStateChanged) that can disclose keyguard-protected data locally without extra privileges or user interaction. The issue is documented with a local-privilege/exposure impact (CVSS 3.1/5.5; CVSS2 bas...

5.5CVSS5AI score0.00167EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/14 8:8 p.m.27 views

CVE-2020-0104

In onShowingStateChanged of KeyguardStateMonitor.java, there is a possible inappropriate read due to a logic error. This could lead to local information disclosure of keyguard-protected data with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

5.3AI score0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/05/14 8:8 p.m.15 views

CVE-2020-0098

In navigateUpToLocked of ActivityStack.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...

8AI score0.00152EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/05/14 8:8 p.m.18 views

CVE-2020-0024

In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

7.9AI score0.0016EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/04/20 12:0 a.m.28 views

EulerOS 2.0 SP8 : cups (EulerOS-SA-2020-1501)

According to the version of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In arrayfind of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in...

5.5CVSS6.5AI score0.00203EPSS
Exploits0References2
OSV
OSV
added 2020/04/17 7:15 p.m.3 views

CVE-2020-0081

In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9...

7.8CVSS5.9AI score0.00165EPSS
Exploits0References2
NVD
NVD
added 2020/04/17 7:15 p.m.19 views

CVE-2020-0071

In rwt2textractdefaultlocksinfo of rwt2tndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

10CVSS9.4AI score0.01338EPSS
Exploits0References1
NVD
NVD
added 2020/04/17 7:15 p.m.22 views

CVE-2020-0079

In decrypt12 of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID...

7.8CVSS7.8AI score0.0015EPSS
Exploits0References1
Prion
Prion
added 2020/04/17 7:15 p.m.16 views

Out-of-bounds

In decrypt12 of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID...

4.6CVSS8.2AI score0.0015EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/04/17 7:15 p.m.13 views

Double free

In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9...

7.2CVSS8.3AI score0.00165EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/04/17 7:15 p.m.14 views

Out-of-bounds

In rwt2textractdefaultlocksinfo of rwt2tndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

10CVSS9.2AI score0.01338EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/04/17 7:15 p.m.12 views

Out-of-bounds

In rwt2thandletlvdetectrsp of rwt2tndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8....

10CVSS9.2AI score0.01338EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder