|
211061
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In nfa_hciu_send_msg of nfa_hci_utils.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the NFC server with System exec…
|
CWE-20
CWE-787
Improper Input Validation
Out-of-bounds Write
|
CVE-2020-0050
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211062
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In onReadBuffer() of StreamingSource.cpp, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privilege…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-0049
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211063
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In onTransact of IAudioFlinger.cpp, there is a possible stack information leak due to uninitialized data. This could lead to local information disclosure with no additional execution privileges neede…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-0048
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211064
|
3.3 |
LOW
Local
|
google
|
android
|
In setMasterMute of AudioService.java, there is a missing permission check. This could lead to local silencing of audio with no additional execution privileges needed. User interaction is not needed …
|
CWE-862
Missing Authorization
|
CVE-2020-0047
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211065
|
7.8 |
HIGH
Local
|
google
|
android
|
In DrmPlugin::releaseSecureStops of DrmPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0046
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211066
|
6.4 |
MEDIUM
Local
|
google
|
android
|
In StatsService::command of StatsService.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. Us…
|
CWE-362
CWE-787
Race Condition
Out-of-bounds Write
|
CVE-2020-0045
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211067
|
7.5 |
HIGH
Network
|
google
|
android
|
In setRequirePmfInternal of sta_network.cpp, there is a possible default value being improperly applied due to a logic error. This could lead to remote denial of service with no additional execution …
|
NVD-CWE-noinfo
|
CVE-2020-0083
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211068
|
7.8 |
HIGH
Local
|
google
huawei
|
android
berkeley-l09_firmware
columbia-al10b_firmware
columbia-l29d_firmware
columbia-tl00b_firmware
columbia-tl00d_firmware
cornell-al00a_firmware
cornell-tl10b_firmware
dura…
|
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local e…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0069
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211069
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In Pixel Recorder, there is a possible permissions bypass allowing arbitrary apps to record audio. This could lead to local information disclosure with no additional execution privileges needed. User…
|
NVD-CWE-noinfo
|
CVE-2020-0061
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211070
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In query of SmsProvider.java and MmsSmsProvider.java, there is a possible permission bypass due to SQL injection. This could lead to local information disclosure with System execution privileges need…
|
CWE-89
SQL Injection
|
CVE-2020-0060
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
