|
215461
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In requestCellInfoUpdateInternal of PhoneInterfaceManager.java, there is a missing permission check. This could lead to local information disclosure of location data with no additional execution priv…
|
CWE-862
Missing Authorization
|
CVE-2020-0250
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215462
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges n…
|
NVD-CWE-noinfo
|
CVE-2020-0249
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215463
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges n…
|
NVD-CWE-noinfo
|
CVE-2020-0248
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215464
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. U…
|
CWE-755
CWE-835
Improper Handling of Exceptional Conditions
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-0247
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215465
|
7.8 |
HIGH
Local
|
google
|
android
|
In clearPropValue of MediaAnalyticsItem.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execut…
|
CWE-416
CWE-667
Use After Free
Improper Locking
|
CVE-2020-0243
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215466
|
7.8 |
HIGH
Local
|
google
|
android
|
In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privilege…
|
CWE-416
CWE-667
Use After Free
Improper Locking
|
CVE-2020-0242
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215467
|
7.8 |
HIGH
Local
|
google
|
android
|
In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privil…
|
CWE-787
CWE-415
Out-of-bounds Write
Double Free
|
CVE-2020-0241
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215468
|
8.8 |
HIGH
Network
|
google
|
android
|
In NewFixedDoubleArray of factory.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-0240
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215469
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In getDocumentMetadata of DocumentsContract.java, there is a possible disclosure of location metadata from a file due to a permissions bypass. This could lead to local information disclosure from a f…
|
CWE-862
Missing Authorization
|
CVE-2020-0239
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215470
|
7.0 |
HIGH
Local
|
google
|
android
|
In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition. This could lead to local escalation of privilege and launching privilege…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2020-0238
|
2024-11-21 13:53 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
