|
211911
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In readBlock of MatroskaExtractor.cpp, there is a possible denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed. Us…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-0491
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211912
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In floor1_info_unpack of floor1.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges neede…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-0490
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211913
|
8.8 |
HIGH
Network
|
google
|
android
|
In Parse_data of eas_mdls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in the media extractor with no additional execution privil…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0489
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211914
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In ihevc_inter_pred_chroma_copy_ssse3 of ihevc_inter_pred_filters_ssse3_intr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure …
|
CWE-200
CWE-909
Information Exposure
Missing Initialization of Resource
|
CVE-2020-0488
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211915
|
7.8 |
HIGH
Local
|
google
|
android
|
In openAssetFileListener of ContactsProvider2.java, there is a possible permission bypass due to an insecure default value. This could lead to local escalation of privilege to change contact data wit…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-0486
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211916
|
7.8 |
HIGH
Local
|
google
|
android
|
In areFunctionsSupported of UsbBackend.java, there is a possible access to tethering from a guest account due to a missing permission check. This could lead to local escalation of privilege with no a…
|
CWE-862
Missing Authorization
|
CVE-2020-0485
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211917
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In destroyResources of ComposerClient.h, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User in…
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2020-0484
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211918
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In DrmManagerService::~DrmManagerService() of DrmManagerService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execut…
|
CWE-416
Use After Free
|
CVE-2020-0483
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211919
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In command of IncidentService.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. Us…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-0482
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211920
|
3.3 |
LOW
Local
|
google
|
android
|
In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowing a non-system app to send a broadcast it shouldn't have permissions to send, w…
|
CWE-863
Incorrect Authorization
|
CVE-2020-0481
|
2024-11-21 13:53 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
