|
221491
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In onTransact of IAudioFlinger.cpp, there is a possible stack information leak due to uninitialized data. This could lead to local information disclosure with no additional execution privileges neede…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-0048
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221492
|
3.3 |
LOW
Local
|
google
|
android
|
In setMasterMute of AudioService.java, there is a missing permission check. This could lead to local silencing of audio with no additional execution privileges needed. User interaction is not needed …
|
CWE-862
Missing Authorization
|
CVE-2020-0047
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221493
|
7.8 |
HIGH
Local
|
google
|
android
|
In DrmPlugin::releaseSecureStops of DrmPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0046
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221494
|
6.4 |
MEDIUM
Local
|
google
|
android
|
In StatsService::command of StatsService.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. Us…
|
CWE-362
CWE-787
Race Condition
Out-of-bounds Write
|
CVE-2020-0045
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221495
|
7.5 |
HIGH
Network
|
google
|
android
|
In setRequirePmfInternal of sta_network.cpp, there is a possible default value being improperly applied due to a logic error. This could lead to remote denial of service with no additional execution …
|
NVD-CWE-noinfo
|
CVE-2020-0083
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221496
|
7.8 |
HIGH
Local
|
google
huawei
|
android
berkeley-l09_firmware
columbia-al10b_firmware
columbia-l29d_firmware
columbia-tl00b_firmware
columbia-tl00d_firmware
cornell-al00a_firmware
cornell-tl10b_firmware
dura…
|
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local e…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0069
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221497
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In Pixel Recorder, there is a possible permissions bypass allowing arbitrary apps to record audio. This could lead to local information disclosure with no additional execution privileges needed. User…
|
NVD-CWE-noinfo
|
CVE-2020-0061
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221498
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In query of SmsProvider.java and MmsSmsProvider.java, there is a possible permission bypass due to SQL injection. This could lead to local information disclosure with System execution privileges need…
|
CWE-89
SQL Injection
|
CVE-2020-0060
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221499
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-0059
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221500
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In l2c_rcv_acl_data of l2c_main.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. U…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-0058
|
2024-11-21 13:52 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
