Lucene search
K

4329 matches found

Debian CVE
Debian CVE
added 2020/10/14 1:7 p.m.39 views

CVE-2020-0423

In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.8CVSS5.2AI score0.00503EPSS
Exploits2
Cvelist
Cvelist
added 2020/10/14 1:7 p.m.21 views

CVE-2020-0423

In binderreleasework of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

7.8AI score0.00503EPSS
Exploits2References2
Hacker One
Hacker One
added 2020/10/13 7:28 p.m.279 views

HackerOne: 2020-10-09 Credential Stuffing Attack

Executive summary On October 4, 2020 and October 5, 2020, an attacker launched two credential stuffing attacks against HackerOne.com. On October 9, 2020, HackerOne’s Security team noticed the attack during their weekly audit of anomalies in their log aggregation platform, leading to the Incident...

0.9AI score
Exploits0
NVD
NVD
added 2020/09/23 10:15 p.m.19 views

CVE-2020-25604

An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest also operating on the timers to release a lock that it...

4.7CVSS0.00261EPSS
Exploits0References7
Cvelist
Cvelist
added 2020/09/23 9:18 p.m.30 views

CVE-2020-25604

An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest also operating on the timers to release a lock that it...

5.6AI score0.00261EPSS
Exploits0References7
Zero Day Initiative
Zero Day Initiative
added 2020/09/21 12:0 a.m.42 views

Apple macOS process_token_TexSubImage2D Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.00216EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/18 12:0 a.m.1 views

Google Android Media extractor cross-site scripting vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A cross-site scripting vulnerability exists in the Android-11 version of Media extractor. The vulnerability stems from improper locking and can be exploited by an attacker to cause remote code...

8.8CVSS7.4AI score0.00559EPSS
Exploits0References1
OSV
OSV
added 2020/09/17 9:15 p.m.2 views

CVE-2020-0357

In SurfaceFlinger, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:...

7.8CVSS7.2AI score0.0012EPSS
Exploits0References1
OSV
OSV
added 2020/09/17 9:15 p.m.3 views

CVE-2020-0303

In the Media extractor, there is a possible use after free due to improper locking. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1482232...

8.8CVSS7.8AI score0.00559EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/09/17 8:51 p.m.20 views

CVE-2020-0303

In the Media extractor, there is a possible use after free due to improper locking. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-1482232...

9.2AI score0.00559EPSS
Exploits0References1
CVE
CVE
added 2020/09/17 8:51 p.m.48 views

CVE-2020-0303

CVE-2020-0303 affects the Android 11 Media extractor, where a use-after-free caused by improper locking can lead to remote code execution. The issue concerns the media-extractor component (Android-11) and is described as enabling remote code execution with no or minimal privileges; exploitation r...

8.8CVSS9AI score0.00559EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/09/17 7:15 p.m.10 views

CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

7.8CVSS0.00151EPSS
Exploits0References1
OSV
OSV
added 2020/09/17 7:15 p.m.1 views

DEBIAN-CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

7.8CVSS6.5AI score0.00151EPSS
Exploits0References1
OSV
OSV
added 2020/09/17 7:15 p.m.4 views

CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

7.8CVSS8.1AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2020/09/17 7:15 p.m.4 views

CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

7.8CVSS5.6AI score0.00151EPSS
Exploits0References2
Prion
Prion
added 2020/09/17 7:15 p.m.17 views

Design/Logic Flaw

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

4.6CVSS7.7AI score0.00151EPSS
Exploits0References1
OSV
OSV
added 2020/09/17 7:15 p.m.0 views

UBUNTU-CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

7.8CVSS6.8AI score0.00151EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/09/17 7:15 p.m.26 views

CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

7.8CVSS7AI score0.00151EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/09/17 6:45 p.m.21 views

CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

8.4AI score0.00151EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/09/17 6:45 p.m.20 views

CVE-2020-0433

In blkmqqueuetagbusyiter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID...

7.8CVSS6.2AI score0.00151EPSS
Exploits0
Rows per page
Query Builder