VYPR

Android

by Google

CVEs (4,680)

  • CVE-2020-0100MedMay 14, 2020
    risk 0.36cvss 5.5epss 0.00

    In onTransact of IHDCP.cpp, there is a possible out of bounds read due to incorrect error handling. This could lead to local information disclosure of data from a privileged process with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2019-2088MedMar 15, 2020
    risk 0.36cvss 5.5epss 0.00

    In StatsService, there is a possible out of bounds read. This could lead to local information disclosure if UBSAN were not enabled, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID:…

  • CVE-2020-0087MedMar 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In getProcessPss of ActivityManagerService.java, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0057MedMar 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In btm_process_inq_results of btm_inq.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0056MedMar 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In btu_hcif_connection_comp_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0055MedMar 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In l2c_link_process_num_completed_pkts of l2c_link.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0048MedMar 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In onTransact of IAudioFlinger.cpp, there is a possible stack information leak due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0061MedMar 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In Pixel Recorder, there is a possible permissions bypass allowing arbitrary apps to record audio. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2020-0035MedMar 10, 2020
    risk 0.36cvss 5.5epss 0.00

    In query of TelephonyProvider.java, there is a possible access to SIM card info due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0023MedFeb 13, 2020
    risk 0.36cvss 5.5epss 0.00

    In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. This could lead to local information disclosure if a malicious app enables contacts over a bluetooth connection, with User…

  • CVE-2020-0020MedFeb 13, 2020
    risk 0.36cvss 5.5epss 0.00

    In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for…

  • CVE-2020-0004MedJan 8, 2020
    risk 0.36cvss 5.5epss 0.00

    In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image exceeding maximum texture size. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2019-9465MedJan 7, 2020
    risk 0.36cvss 5.5epss 0.00

    In the Titan M handling of cryptographic operations, there is a possible information disclosure due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:…

  • CVE-2019-9464MedDec 6, 2019
    risk 0.36cvss 5.5epss 0.00

    In various functions of RecentLocationApps.java, DevicePolicyManagerService.java, and RecognitionService.java, there is an incorrect warning indicating an app accessed the user's location. This could dissolve the trust in the platform's permission system, with no additional…

  • CVE-2019-2209MedNov 13, 2019
    risk 0.36cvss 5.5epss 0.00

    In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2019-9427MedSep 27, 2019
    risk 0.36cvss 5.5epss 0.00

    In Bluetooth, there is a possible information disclosure due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9376MedSep 27, 2019
    risk 0.36cvss 5.5epss 0.00

    In Account of Account.java, there is a possible boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android; Versions: Android-9,…

  • CVE-2019-9369MedSep 27, 2019
    risk 0.36cvss 5.5epss 0.00

    In Bluetooth, there is a use of uninitialized variable. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-79995407

  • CVE-2019-9312MedSep 27, 2019
    risk 0.36cvss 5.5epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

  • CVE-2019-9289MedSep 27, 2019
    risk 0.36cvss 5.5epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID:…

Page 152 of 234