VYPR

Android

by Google

CVEs (4,041)

  • CVE-2020-0473Dec 15, 2020
    risk 0.00cvss epss 0.00

    In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical possession of the device to transfer files to it over Bluetooth, with no…

  • CVE-2020-0469Dec 14, 2020
    risk 0.00cvss epss 0.00

    In addEscrowToken of LockSettingsService.java, there is a possible loss of the synthetic password due to logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0464Dec 14, 2020
    risk 0.00cvss epss 0.00

    In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0437Nov 10, 2020
    risk 0.00cvss epss 0.00

    In CellBroadcastReceiver's intent handlers, there is a possible denial of service due to a missing permission check. This could lead to local denial of service of emergency alerts with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0449Nov 10, 2020
    risk 0.00cvss epss 0.01

    In btm_sec_disconnected of btm_sec.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution in the Bluetooth server with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0438Nov 10, 2020
    risk 0.00cvss epss 0.00

    In the AIBinder_Class constructor of ibinder.cpp, there is a possible arbitrary code execution due to uninitialized data. This could lead to local escalation of privilege if a process were using libbinder_ndk in a vulnerable way with no additional execution privileges needed.…

  • CVE-2020-0453Nov 10, 2020
    risk 0.00cvss epss 0.00

    In updateNotification of BeamTransferManager.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0451Nov 10, 2020
    risk 0.00cvss epss 0.02

    In sbrDecoder_AssignQmfChannels2SbrChannels of sbrdecoder.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0442Nov 10, 2020
    risk 0.00cvss epss 0.01

    In Message and toBundle of Notification.java, there is a possible UI slowdown or crash due to improper input validation. This could lead to remote denial of service if a malicious contact file is received, with no additional execution privileges needed. User interaction is not…

  • CVE-2020-0415Oct 14, 2020
    risk 0.00cvss epss 0.00

    In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2020-0416Oct 14, 2020
    risk 0.00cvss epss 0.01

    In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0365Sep 18, 2020
    risk 0.00cvss epss 0.00

    In netd, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137346580

  • CVE-2020-0315Sep 18, 2020
    risk 0.00cvss epss 0.00

    In Zen Mode, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155642026

  • CVE-2020-0304Sep 18, 2020
    risk 0.00cvss epss 0.00

    In Settings, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-151645695

  • CVE-2020-0300Sep 18, 2020
    risk 0.00cvss epss 0.01

    In NFC, there is a possible out of bounds read due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148736216

  • CVE-2020-0291Sep 18, 2020
    risk 0.00cvss epss 0.00

    In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges and a compromised Firmware needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0286Sep 18, 2020
    risk 0.00cvss epss 0.01

    In Bluetooth AVRCP, there is a possible leak of audio metadata due to residual data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0285Sep 18, 2020
    risk 0.00cvss epss 0.00

    In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0284Sep 18, 2020
    risk 0.00cvss epss 0.00

    In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0282Sep 18, 2020
    risk 0.00cvss epss 0.01

    In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction are needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

Page 182 of 203