|
212151
|
7.8 |
HIGH
Local
|
google
|
android
|
In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional exe…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0094
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212152
|
5.0 |
MEDIUM
Local
|
google
debian
canonical
libexif_project
opensuse
|
android
debian_linux
ubuntu_linux
libexif
leap
|
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privile…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-0093
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212153
|
5.0 |
MEDIUM
Local
|
google
|
android
|
In setHideSensitive of NotificationStackScrollLayout.java, there is a possible disclosure of sensitive notification content due to a permissions bypass. This could lead to local information disclosur…
|
CWE-200
Information Exposure
|
CVE-2020-0092
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212154
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In mnld, an incorrect configuration in driver_cfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700
|
NVD-CWE-noinfo
|
CVE-2020-0091
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212155
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An improper authorization in the receiver component of Email.Product: AndroidVersions: Android SoCAndroid ID: A-149813048
|
NVD-CWE-noinfo
|
CVE-2020-0090
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212156
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An improper authorization in the receiver component of the Android Suite Daemon.Product: AndroidVersions: Android SoCAndroid ID: A-149813448
|
NVD-CWE-noinfo
|
CVE-2020-0065
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212157
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An improper authorization while processing the provisioning data.Product: AndroidVersions: Android SoCAndroid ID: A-149866855
|
NVD-CWE-noinfo
|
CVE-2020-0064
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212158
|
7.8 |
HIGH
Local
|
google
|
android
|
In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execut…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-0024
|
2024-11-21 13:52 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212159
|
8.1 |
HIGH
Network
|
dahuasecurity
|
sd6al_firmware
sd5a_firmware
sd1a_firmware
ptz1a_firmware
sd50_firmware
sd52c_firmware
ipc-hx5842h_firmware
ipc-hx7842h_firmware
ipc-hx2xxx_firmware
ipc-hxxx5x4x_firmware
Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak securi…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-9682
|
2024-11-21 13:52 |
2020-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
212160
|
7.8 |
HIGH
Local
|
google
|
android
|
In ExternalVibration of ExternalVibration.java, there is a possible activation of an arbitrary intent due to unsafe deserialization. This could lead to local escalation of privilege to system_server …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-0082
|
2024-11-21 13:52 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
