Total
34127 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-0263 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In the Accessibility service, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154913130 | ||||
| CVE-2020-0262 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In WiFi tethering, there is a possible attacker controlled intent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156353008 | ||||
| CVE-2020-0261 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In C2 flame devices, there is a possible bypass of seccomp due to a missing configuration file. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-146059841 | ||||
| CVE-2020-0259 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In android_verity_ctr of dm-android-verity.c, there is a possible way to modify a dm-verity protected filesystem due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157941353References: N/A | ||||
| CVE-2020-0257 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In SpecializeCommon of com_android_internal_os_Zygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-156741968 | ||||
| CVE-2020-0249 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1 Android-9Android ID: A-154719656 | ||||
| CVE-2020-0248 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-154627439 | ||||
| CVE-2020-0228 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| There is an improper configuration of recorder related service. Product: AndroidVersions: Android SoCAndroid ID: A-156333723 | ||||
| CVE-2020-0201 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143601727 | ||||
| CVE-2020-0188 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147355897 | ||||
| CVE-2020-0121 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic error. This could lead to local information disclosure of location data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-148180766 | ||||
| CVE-2020-0116 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In checkSystemLocationAccess of LocationAccessPolicy.java, there is a possible bypass of user profile isolation due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-151330809 | ||||
| CVE-2020-0114 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347 | ||||
| CVE-2020-0104 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In onShowingStateChanged of KeyguardStateMonitor.java, there is a possible inappropriate read due to a logic error. This could lead to local information disclosure of keyguard-protected data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-144430870 | ||||
| CVE-2020-0098 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In navigateUpToLocked of ActivityStack.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1 Android-9Android ID: A-144285917 | ||||
| CVE-2020-0096 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109 | ||||
| CVE-2020-0091 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In mnld, an incorrect configuration in driver_cfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700 | ||||
| CVE-2020-0090 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| An improper authorization in the receiver component of Email.Product: AndroidVersions: Android SoCAndroid ID: A-149813048 | ||||
| CVE-2020-0083 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In setRequirePmfInternal of sta_network.cpp, there is a possible default value being improperly applied due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142797954 | ||||
| CVE-2020-0080 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onOpActiveChanged and related methods of AppOpsControllerImpl.java, there is a possible way to display an app overlaying other apps without the notification icon that it's overlaying. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144092031 | ||||