|
212141
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. This could lead to local information disclosure with no additional executio…
|
CWE-862
Missing Authorization
|
CVE-2020-0106
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212142
|
7.8 |
HIGH
Local
|
google
|
android
|
In onKeyguardVisibilityChanged of key_store_service.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowing apps to use keyguard-bound keys when the scree…
|
CWE-862
Missing Authorization
|
CVE-2020-0105
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212143
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In onShowingStateChanged of KeyguardStateMonitor.java, there is a possible inappropriate read due to a logic error. This could lead to local information disclosure of keyguard-protected data with no …
|
NVD-CWE-noinfo
|
CVE-2020-0104
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212144
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In a2dp_aac_decoder_cleanup of a2dp_aac_decoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code execution with no additional execution privileges needed.…
|
CWE-787
CWE-763
Out-of-bounds Write
Release of Invalid Pointer or Reference
|
CVE-2020-0103
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212145
|
7.8 |
HIGH
Local
|
google
|
android
|
In GattServer::SendResponse of gatt_server.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privilege…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0102
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212146
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In BnCrypto::onTransact of ICrypto.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. …
|
CWE-908
CWE-909
Use of Uninitialized Resource
Missing Initialization of Resource
|
CVE-2020-0101
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212147
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In onTransact of IHDCP.cpp, there is a possible out of bounds read due to incorrect error handling. This could lead to local information disclosure of data from a privileged process with no additiona…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-0100
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212148
|
7.8 |
HIGH
Local
|
google
|
android
|
In navigateUpToLocked of ActivityStack.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges n…
|
NVD-CWE-noinfo
|
CVE-2020-0098
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212149
|
7.8 |
HIGH
Local
|
google
|
android
|
In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. This could lead to local escalation of privilege with User privileg…
|
CWE-863
Incorrect Authorization
|
CVE-2020-0097
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212150
|
7.8 |
HIGH
Local
|
google
|
android
|
In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution…
|
NVD-CWE-noinfo
|
CVE-2020-0096
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
