|
213011
|
7.8 |
HIGH
Local
|
google
|
android
|
In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execut…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-0024
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213012
|
8.1 |
HIGH
Network
|
dahuasecurity
|
sd6al_firmware
sd5a_firmware
sd1a_firmware
ptz1a_firmware
sd50_firmware
sd52c_firmware
ipc-hx5842h_firmware
ipc-hx7842h_firmware
ipc-hx2xxx_firmware
ipc-hxxx5x4x_firmware
Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak securi…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-9682
|
2024-11-21 13:52 |
2020-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
213013
|
7.8 |
HIGH
Local
|
google
|
android
|
In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to system_server …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-0082
|
2024-11-21 13:52 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213014
|
7.8 |
HIGH
Local
|
google
fedoraproject
|
android
fedora
|
In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User inter…
|
CWE-787
CWE-415
Out-of-bounds Write
Double Free
|
CVE-2020-0081
|
2024-11-21 13:52 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213015
|
7.8 |
HIGH
Local
|
google
|
android
|
In onOpActiveChanged and related methods of AppOpsControllerImpl.java, there is a possible way to display an app overlaying other apps without the notification icon that it's overlaying. This could l…
|
NVD-CWE-noinfo
|
CVE-2020-0080
|
2024-11-21 13:52 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213016
|
7.8 |
HIGH
Local
|
google
|
android
|
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0079
|
2024-11-21 13:52 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213017
|
7.8 |
HIGH
Local
|
google
|
android
|
In releaseSecureStops of DrmPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0078
|
2024-11-21 13:52 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213018
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In authorize_enroll of the FPC IRIS TrustZone app, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileg…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-0077
|
2024-11-21 13:52 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213019
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In get_auth_result of the FPC IRIS TrustZone app, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privile…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0076
|
2024-11-21 13:52 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213020
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In set_shared_key of the FPC IRIS TrustZone app, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-0075
|
2024-11-21 13:52 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
