Lucene search
K

952 matches found

Prion
Prion
added 2020/04/17 7:15 p.m.13 views

Out-of-bounds

In rwt2tupdatelockattributes of rwt2tndef.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

10CVSS9.2AI score0.01338EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/04/17 6:19 p.m.20 views

CVE-2020-0079

In decrypt12 of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID...

8AI score0.0015EPSS
Exploits0References1
CVE
CVE
added 2020/04/17 6:19 p.m.153 views

CVE-2020-0081

CVE-2020-0081 is a local-elevation vulnerability in the Android Framework (AssetManager.java) caused by a double-free leading to memory corruption. Affected: Android 8.0–10; exploit requires local access with no user interaction. Exploitation status is not detailed in the provided documents. Reme...

7.8CVSS7.8AI score0.00165EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/04/17 6:19 p.m.18 views

CVE-2020-0081

In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9...

8.1AI score0.00165EPSS
Exploits0References2
OSV
OSV
added 2020/03/24 8:15 p.m.3 views

CVE-2019-20576

An issue was discovered on Samsung mobile devices with P9.0 software. The MemorySaver Content Provider allows SQL injection. The Samsung ID is SVE-2019-14365 August 2019...

9.8CVSS7.3AI score0.00399EPSS
Exploits0References1
NVD
NVD
added 2020/03/10 8:15 p.m.18 views

CVE-2020-0035

In query of TelephonyProvider.java, there is a possible access to SIM card info due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0...

5.5CVSS5.2AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2020/03/10 8:15 p.m.2 views

CVE-2020-0033

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0...

7.8CVSS7.2AI score0.00199EPSS
Exploits0References1
NVD
NVD
added 2020/03/10 8:15 p.m.21 views

CVE-2020-0032

In ih264dreleasedisplaybufs of ih264dutils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8...

9.3CVSS9AI score0.0156EPSS
Exploits0References1
Prion
Prion
added 2020/03/10 8:15 p.m.15 views

Out-of-bounds

In rwi93smupdatendef of rwi93.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0...

7.8CVSS7.3AI score0.01145EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/03/10 7:56 p.m.18 views

CVE-2020-0036

In hasPermissions of PermissionMonitor.java, there is a possible access to restricted permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.9AI score0.00191EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2020/02/15 4:55 p.m.93 views

Exploit for Incorrect Calculation in Google Android

cve-2020-0022 poc for cve-2020-0022 usage gcc poc.c -l...

8.8CVSS8.7AI score0.05424EPSS
Exploits8
NVD
NVD
added 2020/02/13 3:15 p.m.16 views

CVE-2020-0028

In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

7.1CVSS6.3AI score0.02683EPSS
Exploits0References10
NVD
NVD
added 2020/02/13 3:15 p.m.14 views

CVE-2020-0027

In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS7.8AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2020/02/13 3:15 p.m.18 views

CVE-2020-0026

In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

7.8CVSS7.9AI score0.00171EPSS
Exploits0References1
OSV
OSV
added 2020/02/13 3:15 p.m.6 views

CVE-2020-0018

In MotionEntry::appendDescription of InputDispatcher.cpp, there is a possible log information disclosure. This could lead to local disclosure of user input with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

4.4CVSS5.9AI score0.0016EPSS
Exploits0References1
Prion
Prion
added 2020/02/13 3:15 p.m.14 views

Information disclosure

In MotionEntry::appendDescription of InputDispatcher.cpp, there is a possible log information disclosure. This could lead to local disclosure of user input with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

2.1CVSS4.8AI score0.0016EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/02/13 3:15 p.m.16 views

Privilege escalation

It is possible for a malicious application to construct a TYPETOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional execution privileges needed. User action is needed for exploitation.Product: AndroidVersions: Android-8.0...

4.3CVSS6.5AI score0.00964EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/02/13 3:15 p.m.19 views

Memory corruption

In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

7.2CVSS8.2AI score0.00171EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/02/13 3:15 p.m.18 views

Out-of-bounds

In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.2CVSS8.2AI score0.00181EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/02/13 3:15 p.m.15 views

Buffer overflow

In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

4.4CVSS8.1AI score0.00162EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder