VYPR

Android

by Google

CVEs (4,290)

  • CVE-2020-27033MedDec 15, 2020
    risk 0.29cvss 4.4epss 0.00

    In nfc_ncif_proc_get_routing of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0291MedSep 18, 2020
    risk 0.29cvss 4.4epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges and a compromised Firmware needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0282MedSep 18, 2020
    risk 0.29cvss 4.5epss 0.01

    In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction are needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0281MedSep 18, 2020
    risk 0.29cvss 4.5epss 0.01

    In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0328MedSep 17, 2020
    risk 0.29cvss 4.4epss 0.00

    In the camera, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150156131

  • CVE-2020-0158MedJun 11, 2020
    risk 0.29cvss 4.4epss 0.00

    In nfc_ncif_proc_t3t_polling_ntf of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0154MedJun 11, 2020
    risk 0.29cvss 4.4epss 0.00

    In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for…

  • CVE-2020-0149MedJun 11, 2020
    risk 0.29cvss 4.4epss 0.00

    In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for…

  • CVE-2020-0139MedJun 11, 2020
    risk 0.29cvss 4.4epss 0.00

    In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malformed NFC tag is provided by the firmware. System execution privileges are needed and user interaction is not needed…

  • CVE-2020-0135MedJun 11, 2020
    risk 0.29cvss 4.4epss 0.00

    In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0058MedMar 10, 2020
    risk 0.29cvss 4.4epss 0.00

    In l2c_rcv_acl_data of l2c_main.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0043MedMar 10, 2020
    risk 0.29cvss 4.4epss 0.00

    In authorize_enrol of fpc_ta_hw_auth.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2015-8944MedAug 6, 2016
    risk 0.29cvss 5.5epss 0.01

    The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information by reading this file, aka…

  • CVE-2014-9900MedAug 6, 2016
    risk 0.29cvss 5.5epss 0.01

    The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted…

  • CVE-2014-9895MedAug 6, 2016
    risk 0.29cvss 5.5epss 0.01

    drivers/media/media-device.c in the Linux kernel before 3.11, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize certain data structures, which allows local users to obtain sensitive information via a crafted application, aka…

  • CVE-2014-9892MedAug 6, 2016
    risk 0.29cvss 5.5epss 0.01

    The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information…

  • CVE-2016-0821MedMar 12, 2016
    risk 0.29cvss 5.5epss 0.00

    The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection…

  • CVE-2020-0499MedDec 15, 2020
    risk 0.28cvss 4.3epss 0.04

    In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2017-13269MedApr 4, 2018
    risk 0.28cvss 4.3epss 0.00

    A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68818034.

  • CVE-2017-13268MedApr 4, 2018
    risk 0.28cvss 4.3epss 0.00

    A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67058064.

Page 159 of 215