|
220111
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In libmp4extractor, there is a possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction…
|
CWE-20
CWE-770
Improper Input Validation
Allocation of Resources Without Limits or Throttling
|
CVE-2020-0353
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220112
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not …
|
CWE-89
SQL Injection
|
CVE-2020-0352
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220113
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In libstagefright, there is possible CPU exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is n…
|
CWE-20
Improper Input Validation
|
CVE-2020-0351
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220114
|
7.8 |
HIGH
Local
|
google
|
android
|
In Mediaserver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if integer sanitization were not enabled (which it is by default),…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-0346
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220115
|
7.8 |
HIGH
Local
|
google
|
android
|
In DocumentsUI, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ne…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2020-0345
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220116
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In MediaProvider, there is a possible permissions bypass due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not …
|
CWE-89
SQL Injection
|
CVE-2020-0344
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220117
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In NetworkStatsService, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.…
|
CWE-862
Missing Authorization
|
CVE-2020-0343
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220118
|
7.8 |
HIGH
Local
|
google
|
android
|
In DisplayManager, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User inter…
|
CWE-862
Missing Authorization
|
CVE-2020-0341
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220119
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User i…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-0340
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220120
|
5.0 |
MEDIUM
Local
|
google
|
android
|
In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is need…
|
NVD-CWE-noinfo
|
CVE-2020-0338
|
2024-11-21 13:53 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
