7 matches found
CVE-2020-0001
In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1,...
Buffer not correctly recycled in Gzip Request inflation
Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see...
londonservicedapartments.co.uk Cross Site Scripting vulnerability OBB-1370603
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
sotkoviny.cz Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1123199 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
CVE-2020-0001
CVE-2020-0001 affects Android’s framework (ActivityManagerService.java, getProcessRecordLocked). The issue arises from improper handling of isolated apps, enabling local escalation of privilege without extra execution privileges. Impact is described as local elevation of privilege with high confi...
CVE-2020-0001
In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1,...
m.myforecast.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-1022876 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...