|
208181
|
6.4 |
MEDIUM
Local
|
google
|
android
|
In the l2tp subsystem, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not ne…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2020-27067
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208182
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In xfrm6_tunnel_free_spi of net/ipv6/xfrm6_tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges need…
|
CWE-416
CWE-667
Use After Free
Improper Locking
|
CVE-2020-27066
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208183
|
3.3 |
LOW
Local
|
google
|
android
|
In getGpuStatsGlobalInfo and getGpuStatsAppInfo of GpuService.cpp, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure of gpu stat…
|
CWE-862
Missing Authorization
|
CVE-2020-27057
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208184
|
3.3 |
LOW
Local
|
google
|
android
|
In SELinux policies of mls, there is a missing permission check. This could lead to local information disclosure of package metadata with no additional execution privileges needed. User interaction i…
|
CWE-862
Missing Authorization
|
CVE-2020-27056
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208185
|
7.5 |
HIGH
Network
|
google
|
android
|
In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and WifiConfigController2.java, there is a possible insecure WiFi configuration due to improper input validation. Th…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2020-27055
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208186
|
7.8 |
HIGH
Local
|
google
|
android
|
In onFactoryReset of BluetoothManagerService.java, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti…
|
CWE-862
Missing Authorization
|
CVE-2020-27054
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208187
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In broadcastWifiCredentialChanged of ClientModeImpl.java, there is a possible location permission bypass due to a missing permission check. This could lead to local information disclosure of the WiFi…
|
CWE-862
Missing Authorization
|
CVE-2020-27053
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208188
|
7.8 |
HIGH
Local
|
google
|
android
|
In getLockTaskLaunchMode of ActivityRecord.java, there is a possible way for any app to start in Lock Task Mode due to a permissions bypass. This could lead to local escalation of privilege with no a…
|
CWE-862
Missing Authorization
|
CVE-2020-27052
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208189
|
7.8 |
HIGH
Local
|
google
|
android
|
In NFA_RwI93WriteMultipleBlocks of nfa_rw_api.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution pri…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-27051
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208190
|
7.8 |
HIGH
Local
|
google
|
android
|
In rw_i93_send_cmd_write_multi_blocks of rw_i93.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional executio…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27050
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
